Abstract. The operational semantics of interactive systems is usually described by
labeled transition systems. Abstract semantics (defined in terms of bisimilarity) is
characterized by the final morphism in some category of coalgebras. Since the behaviour
of interactive systems is for many reasons infinite, symbolic semantics were introduced
as a means to define smaller, possibly finite, transition systems, by employing symbolic
actions and avoiding some sources of infiniteness. Unfortunately, symbolic bisimilarity has
a different shape with respect to ordinary bisimilarity, and thus the standard coalgebraic
characterization does not work. In this paper, we introduce its coalgebraic models.

We will use as motivating examples two asynchronous formalisms: open Petri nets and 
asynchronous pi-calculus. Indeed, as we have shown in a previous paper, asynchronous 
bisimilarity can be seen as an instance of symbolic bisimilarity. 



A compositional interactive system is usually defined as a labelled transition system (lts)
where states are equipped with an algebraic structure. Abstract semantics is often defined 
as bisimilarity. Then a key property is that "bisimilarity is a congruence", i.e., that abstract 
semantics respects the algebraic operations. 

Universal Coalgebra [40] provides a categorical framework where the behaviour of
dynamical systems can be characterized as final semantics. More precisely, if \(\mathbf{Coalg}_B\) (i.e.,
the category of B-coalgebras and B-cohomomorphisms for a certain endofunctor B) has a
final object, then the behavior of a B-coalgebra is defined as a final morphism. Intuitively,
a final object is a universe of abstract behaviors and a final morphism is a function mapping
each system to its abstract behavior. Ordinary LTSs can be represented as coalgebras for
a suitable functor. Then, two states are bisimilar if and only if they are identified by a
final morphism. The image of a certain LTS through a final morphism is its minimal
representative (with respect to bisimilarity), which in the finite case can be computed via the
partition refinement algorithm [26]. Existence and construction of the minimal transition
system is a key property of the coalgebraic approach. It allows several properties to be
model checked efficiently by eliminating redundant states once and for all. In fact most model
checking logics are adequate, namely a formula either holds in both the given system and
its minimal representative or holds in neither of them.

When bisimilarity is not a congruence, the abstract semantics is defined either as the
largest congruence contained in bisimilarity [31] or as the largest bisimulation that is also
a congruence [36]. In this paper we focus on the latter and we call it saturated bisimilarity.
Indeed it coincides with ordinary bisimilarity on the saturated transition system that
is obtained from the original LTS by adding the transition p ^> q, for every context c, 
whenever c(p) — > q. 

Many interesting abstract semantics are defined in this way. For example, since late
and early bisimilarity of the π-calculus [33] are not preserved under substitution (and thus
under input prefixes), in [41] Sangiorgi introduces open bisimilarity as the largest
bisimulation on π-calculus agents which is closed under substitutions. Other noteworthy examples
are asynchronous π-calculus [HG5], mobile ambients calculus [12, 30] and (explicit [15])
fusion calculus [37]. The definition of saturated bisimilarity as ordinary bisimilarity on the
saturated lts often makes the portion of lts reachable by any nontrivial agent infinite and,
in any case, is very inefficient, since it introduces a large number of additional states and
transitions. Inspired by Hennessy and Lin [24], who introduced a symbolic semantics of
value passing calculi, Sangiorgi defines in [41] a symbolic transition system and symbolic
bisimilarity that efficiently characterizes open bisimilarity. After this, many formalisms
have been equipped with a symbolic semantics.

In [8], we have introduced a general model that describes at an abstract level both 
saturated and symbolic semantics. In this abstract setting, a symbolic transition p p' 
means that c(p) — >■ p' and c is a smallest context that allows p to performs such a transition. 
Moreover, a certain derivation relation h amongst the transitions of a system is defined: 
p -^-4 pi h p I p2 means that the latter transition is a logical consequence of the former. 
In this way, if all and only the saturated transitions are logical consequences of symbolic 
transitions, then saturated bisimilarity can be retrieved via the symbolic LTS. 

Unfortunately, the ordinary bisimilarity over the symbolic transition system differs from 
saturated bisimilarity. Symbolic bisimilarity is thus defined with an asymmetric shape: in 
the bisimulation game, when a player proposes a transition, the opponent can answer with 

a move with a different label. For example in the open 7r-calculus, a transition p - — ^> p 1 
can be matched by q — >■ q' . Moreover, the bisimulation game does not restart from p' and 
q', but from p' and q'{b/a}. 

For this reason, ordinary coalgebras fail to characterize symbolic bisimilarity. Here, we 
provide coalgebraic models for it by relying on the framework of [8]. 

Consider the example of open bisimilarity discussed above. The fact that open
bisimulation does not relate the arriving states p' and q', but p' and q'{b/a}, forces us to look for
models equipped with an algebraic structure. In [42], bialgebras are introduced as a model
that is both algebraic and coalgebraic, while an alternative approach based on structured
coalgebras, i.e., on coalgebras in categories of algebras, is presented in [13]. In this paper we adopt
the latter and we introduce \(\mathbf{Coalg}_H\) (Section 6), a category of structured coalgebras where
the saturated transition system can be naively modeled in such a way that \(\sim^S\) coincides
with the kernel of a final morphism. Then, we focus only on those H-coalgebras whose
sets of transitions are closed w.r.t. the derivation relation \(\vdash\). These form the category of
saturated coalgebras \(\mathbf{Coalg}_{S_T}\) (Section 7.1) that is (isomorphic to) a covariety of \(\mathbf{Coalg}_H\).
Thus, it has a final object and bisimilarity coincides with the one in \(\mathbf{Coalg}_H\).

In order to characterize symbolic bisimilarity, we introduce the notions of redundant 
transition and semantically redundant transition. Intuitively, a transition p q ig 

redundant if there exists another transition p p 1 that logically implies it, that is 

p -—f p\ h p q; it is semantically redundant, if it is "redundant up to bisimilarity", 
i.e., p — — > p\ h p — — > p2 and q is bisimilar to pi. Now, in order to retrieve saturated 
bisimilarity by disregarding redundant transitions, we have to remove from the saturated
transition system not only all the redundant transitions, but also the semantically
redundant ones. This is done in the category of normalized coalgebras \(\mathbf{Coalg}_{N_T}\) (Section 7.2).
These are defined as coalgebras without redundant transitions. Thus, by definition, a final
coalgebra in \(\mathbf{Coalg}_{N_T}\) has no semantically redundant transitions.

We prove that \(\mathbf{Coalg}_{S_T}\) and \(\mathbf{Coalg}_{N_T}\) are isomorphic (Section 7.3). This means that
a final morphism in the latter category still characterizes \(\sim^S\), but with two important
differences w.r.t. \(\mathbf{Coalg}_{S_T}\). First of all, in a final \(N_T\)-coalgebra, there are no semantically
redundant transitions. Intuitively, a final \(N_T\)-coalgebra is a universe of abstract symbolic
behaviours and a final morphism maps each system to its abstract symbolic behaviour.
Secondly, minimization in \(\mathbf{Coalg}_{N_T}\) is feasible, while in \(\mathbf{Coalg}_{S_T}\) it is not, because saturated
coalgebras have all the redundant transitions. Minimizing in \(\mathbf{Coalg}_{N_T}\) coincides with a
symbolic minimization algorithm that we have introduced in [10] (Section 8). The algorithm
shows another peculiarity of normalized coalgebras: minimization relies on the algebraic
structure. Since in bialgebras bisimilarity abstracts away from this, we can conclude that our
normalized coalgebras are not bialgebras. This is the reason why we work with structured
coalgebras.

As motivating examples we will show open Petri nets [27, 3] (Section 2) and
asynchronous π-calculus [25, 1] (Section 1). In [8], we have shown that asynchronous bisimilarity
[1] is an instance of symbolic bisimilarity. Indeed, in the definition of asynchronous bisim- 

ulation, the input transition p — £ p' can be matched either by q ^4 q' or by q q' . In 
the latter case, the bisimulation game does not restart from p' and q' but from p' and q'\ab. 
Thus our framework will also provide, as a side result, a coalgebraic model for asynchronous
bisimilarity that, as far as we know, has never been proposed so far.

In Sections 4 and 5 we report the framework of [8] and we recall the basic notions on
(structured) coalgebras. In Section 3 we introduce a further example aimed at clarifying the
whole framework (by avoiding all the technical details of open Petri nets and asynchronous
π). All proofs are in the Appendix.

Previous works. Our work relies on the framework introduced in [8] and on the
minimization algorithm in [10]. In this work we focus on the coalgebraic characterization of
them that appeared in [9]. The present paper extends [9] by (1) introducing the example of
asynchronous π-calculus, (2) adding all the proofs, (3) explaining in full detail the
relationship with the minimization algorithm in [10]. Normalized coalgebras have been
previously introduced in [7] for giving a coalgebraic characterization of the theory of reactive
systems by Leifer and Milner [29].

1. Asynchronous π-calculus

Asynchronous π-calculus has been introduced in [25] for modeling distributed systems
interacting via asynchronous message passing. Differently from the synchronous case, where
messages are sent and received at the same time, in asynchronous communication
messages are sent and travel through some media until they reach the destination. Therefore
sending messages is non-blocking (i.e., a process can send messages even if the receiver is
not ready to receive), while receiving is blocking (processes must wait until the message has
arrived). This asymmetry is reflected in the observations: since sending is non-blocking,
receiving is unobservable.

In this section, we introduce asynchronous π-calculus and two definitions of bisimilarity
(\(\sim^1\) and \(\sim^a\)) that, as proved in [1], coincide. In Section 4 we will show that the first is an
instance of our general definition of saturated bisimilarity (Definition 4.2) while the second
is an instance of symbolic bisimilarity (Definition 4.11).

Let \(\mathcal{N}\) be a set of names (ranged over by a, b, c, ...) with \(\tau \notin \mathcal{N}\). The set of π-processes
is defined by the following grammar:

\[ p ::= \bar{a}b,\ p_1 \mid p_2,\ \nu a.p,\ !g,\ m \qquad m ::= 0,\ \alpha.p,\ m_1 + m_2 \qquad \alpha ::= a(b),\ \tau \]

The main difference with the ordinary π-calculus [33] is that here output prefixes are missing.
The occurrence of an unguarded \(\bar{a}b\) can be thought of as message b that is available on some
communication media named a. This message is received whenever it disappears, i.e., it is
consumed by some process performing an input. Thus the action of sending happens when
\(\bar{a}b\) becomes unguarded.

Considering a(b).p and νb.p, the occurrences of b in p are bound. An occurrence of a
name in a process is free if it is not bound. The set of free names of p (denoted by fn(p)) is
the set of names that have a free occurrence in the process p. The process p is α-equivalent
to q (written \(p =_\alpha q\)), if they are equivalent up to α-renaming of bound occurrences of
names. The operational semantics of π-calculus is a transition system labeled on actions
\(Act = \{a(b), \bar{a}b, \bar{a}(b), \tau \mid a, b \in \mathcal{N}\}\) (ranged over by μ) where b is a bound name (written
\(b \in bn(\mu)\)) in a(b) and \(\bar{a}(b)\). In all the other cases a and b are free in μ (\(a, b \in fn(\mu)\)). By
nm(μ) we denote the set of both free and bound names of μ.

The labeled transition system (lts) is inductively defined by the rules in Table 1, where
we have omitted the symmetric version of the rules (SUM), (PAR), (COM) and (CLS) and where we
consider processes up to α-equivalence, i.e., we have implicitly assumed the rule

\[ \frac{p \xrightarrow{\mu} q \qquad p =_\alpha p'}{p' \xrightarrow{\mu} q} \]

The main difference with the synchronous case is in the notion of observation. Since 
sending messages is non-blocking, then an external observer can just send messages to a 
system without knowing if they will be received or not. For this reason the receiving action 
is not observable and the abstract semantics is defined disregarding input transitions. 
(tau) r.p A p (in) a(b).p ^4 p{ c /b} (out) ab ^ 

(COM) P->P T g (SUM) - (PAR) P-^P bn( M ) n fhfo) = 

p|g — »p|<z p + q—>p p\q—>p\q 

ab , ii A a(6) , a(&) / 

(OPN) -J^±g- 6 * a (REP) (°"0 ? , ? * 

vb.p -^lp' !m -> g p|g -> vb.p \q 

A ' 

(RES) , P i P 1 . b i nrnfrf 

vb.p — > w.p 

Table 1: Operational semantics of asynchronous π-calculus.



As in the case of the standard π-calculus, in the bisimulation game we have to take
care of the bound names in output actions. Indeed, when a process \(p \xrightarrow{\bar{a}(b)} p'\), the name b is
initially bound in p and becomes free in p'. Thus, in order to avoid name-clashes, in the
bisimulation game when comparing p and q, we require b to be fresh, namely, different from
all the free names of p and q. In the following definitions, by "bn(μ) is fresh" we mean that
if μ has a bound name, then it is fresh.

Definition 1.1 (oτ-Bisimilarity). A symmetric relation R is an oτ-bisimulation iff,
whenever p R q:

• if \(p \xrightarrow{\mu} p'\) where μ is not an input action and bn(μ) is fresh, then \(\exists q'\) such that \(q \xrightarrow{\mu} q'\)
and p' R q'.

We say that p and q are oτ-bisimilar (written \(p \sim^{o\tau} q\)) if and only if there exists an
oτ-bisimulation relating them.

Note that \(a(x).\bar{y}x \sim^{o\tau} a(x).\bar{d}x\), even if the two processes are really different when they
are put in parallel with a process \(\bar{a}b\). In order to obtain an abstract semantics preserved
under parallel composition, we proceed analogously to saturated bisimilarity (that we will
show in Definition 4.2), i.e., at any step of the bisimulation we put the process in parallel
with all possible outputs.

Definition 1.2 (1-Bisimilarity). A symmetric relation R is a 1-bisimulation iff, \(\forall \bar{a}b\),
whenever p R q,

• if \(\bar{a}b \mid p \xrightarrow{\mu} p'\) where μ is not an input action and bn(μ) is fresh, then \(\exists q'\) such that \(\bar{a}b \mid q \xrightarrow{\mu} q'\)
and p' R q'.

We say that p and q are 1-bisimilar (written \(p \sim^1 q\)) if and only if there exists a
1-bisimulation relating them.

The above definition is not very efficient since it quantifies over all
possible outputs in parallel. Instead of considering all possible output contexts, we could
also consider the input actions. This leads to the following notion of syntactic bisimulation.

Definition 1.3 (Syntactic Bisimilarity). A symmetric relation R is a syntactic bisimulation
iff, whenever p R q:

• if \(p \xrightarrow{\mu} p'\) where bn(μ) is fresh, then \(\exists q'\) such that \(q \xrightarrow{\mu} q'\) and p' R q'.

We say that p and q are syntactic bisimilar (written \(p \sim^{SYN} q\)) if and only if there exists a
syntactic bisimulation relating them.
Figure 1: (A) Part of the infinite lts of \(\tau.\nu y.\bar{y}a + a(b).\bar{a}b\) and the lts of \(\tau.0\). (B) The
symbolic transition system α of \(\tau.\nu y.\bar{y}a + a(b).\bar{a}b\) and \(\tau.0\). (C) Part of the
infinite saturated transition system of \(\tau.0\).



Note that syntactic bisimilarity is strictly included into 1-bisimilarity. Indeed,
\(\tau + a(b).\bar{a}b \sim^1 \tau\), but \(\tau + a(b).\bar{a}b \not\sim^{SYN} \tau\).

The former equivalence can be understood by observing that both processes can perform
a τ transition in any possible context and, when inserted into the context \(- \mid \bar{a}x\), both
can perform a τ transition going into \(\bar{a}x\). More generally, it holds that for all processes
\(p \sim^1 q \sim^1 r\):

\[ \tau.p + a(b).(\bar{a}b \mid q) \sim^1 \tau.r \]

For instance, by taking q = r = 0 and \(p = \nu y.\bar{y}a\) (that is 1-bisimilar to 0, since both cannot
move), we have that \(\tau.\nu y.\bar{y}a + a(b).\bar{a}b \sim^1 \tau.0\). Their ltss are shown in Figure 1(A).

In order to efficiently characterize \(\sim^1\), without considering all possible contexts, we
have to properly tackle the input transitions.

Definition 1.4 (Asynchronous Bisimilarity). A symmetric relation R is an asynchronous 
bisimulation iff whenever pRq, 

• if \(p \xrightarrow{\mu} p'\) where μ is not an input action and bn(μ) is fresh, then \(\exists q'\) such that \(q \xrightarrow{\mu} q'\)
and p' R q',

• if p — ^ p', then 3^' such that either q -^J q' and p'Rq', or q ^ q' and p'R(q'\ab). 

We say that p and q are asynchronous bisimilar (written \(p \sim^a q\)) if and only if there is an
asynchronous bisimulation relating them.

For instance, the symmetric closure of the following relation is an asynchronous
bisimulation.

\[ R = \{(\tau.\nu y.\bar{y}a + a(b).\bar{a}b,\ \tau.0),\ (\nu y.\bar{y}a,\ 0)\} \cup \{(\bar{a}x,\ \nu y.\bar{y}a \mid \bar{a}x) \mid x \in \mathcal{N}\} \]
Figure 2: \(S_1\) and \(S_2\) are two open Petri nets. (A) Part of the infinite transition system of
\((S_2, a)\). (B) The symbolic transition system of \((S_2, a)\), \((S_2, b)\) and \((S_2, cy)\).

In [1], it is proved that \(\sim^1 = \sim^a\). In Section 4 we will show that this result is an instance of
a more general theorem (Theorem 4.12), since \(\sim^1\) is an instance of saturated bisimilarity
and \(\sim^a\) is an instance of symbolic bisimilarity. The main contribution of this paper is to
give a coalgebraic characterization of saturated and symbolic semantics and thus we will
characterize both \(\sim^1\) and \(\sim^a\) via coalgebras.

2. Open Petri nets 

Differently from process calculi, Petri nets do not have a widely known interactive behavior. 
Indeed they model concurrent systems that are closed, in the sense that they do not interact 
with the environment. Open nets [27, 3] are P/T Petri nets [39] that can interact by
exchanging tokens on input and output places. 

Given a set X, we write \(X^\oplus\) for the free commutative monoid over X. A multiset
\(m \in X^\oplus\) is a finite function from X to \(\omega\) (the set of natural numbers) that associates a
multiplicity to every element of X. Given two multisets \(m_1\) and \(m_2\), \(m_1 \oplus m_2\) is defined as
\(\forall x \in X,\ (m_1 \oplus m_2)(x) = m_1(x) + m_2(x)\). We write \(\emptyset\) to denote both the empty
set and the empty multiset. To lighten the notation we will use aab to denote
the multiset {a,a,b}. Sometimes we will use \(a^n b^m\) to denote the multiset containing n
copies of a and m copies of b.

Definition 2.1 (Open Net). An open net is a tuple \(N = (S, T, pre, post, l, I, O)\) where S
is the set of places, T is the set of transitions (with \(S \cap T = \emptyset\)), \(pre, post : T \to S^\oplus\) are
functions mapping each transition to its pre- and post-set, \(l : T \to \Lambda\) is a labeling function
(\(\Lambda\) is a set of labels) and \(I, O \subseteq S\) are the sets of input and output places. A marked open
net (shortly, marked net) is a pair (N, m) where N is an open net and \(m \in S^\oplus\) is a marking.

It is worth noting that standard P/T Petri nets can be thought of as open nets whose
sets I and O are empty. Figure 2 shows two open nets where, as usual, circles represent
places and rectangles transitions (labeled with α, β, χ). Arrows from places to transitions
represent pre, while arrows from transitions to places represent post. Input places are
denoted by ingoing edges, while output places are denoted by outgoing edges. Thus in \(S_1\),
x and y are output places, while z is the only input place. In \(S_2\), it is the converse. The




F. BONCHI AND U. MONTANARI 



( TR ) t £ T = 1 m= 't®c j e I N ^ qut ^ o£Q N o£m 

N,m -4 N,f c N, m ±» N, m % N,m ^ N,m Q o 

Table 2: Operational Semantics of marked open nets. 




Figure 3: The open nets \(N_1\), \(N_2\), \(N_3\), \(N_4\) and \(N_5\). (A) Part of the infinite transition system
of \((N_1, a)\). (B) Part of the infinite saturated transition system of \((N_1, a)\). (C)
The symbolic transition systems of \((N_1, a)\), \((N_2, c)\), \((N_3, e)\), \((N_4, l)\) and \((N_5, r)\).

parallel composition of two nets is defined by attaching them on their input and output
places. As an example, we can compose \(S_1\) and \(S_2\) by attaching them through x, y and z.

The operational semantics of marked open nets is expressed by the rules in Table 2,
where we use \({}^\bullet t\) and \(t^\bullet\) to denote pre(t) and post(t) and we avoid putting brackets around
the marked net (N, m), to lighten the notation. The rule (TR) is the standard
rule of P/T nets (seen as multiset rewriting), while the other two are specific to open nets.
The rule (IN) states that at any moment a token can be inserted into an input place and,
for this reason, the lts always has an infinite number of states. The rule (OUT) states
that when a token is in an output place, it can be removed. Figure 2(A) shows part of the
infinite transition system of \((S_2, a)\).

The abstract semantics is defined in [2] as the standard bisimilarity (denoted by \(\sim^N\))
and it is a congruence under the parallel composition outlined above. This is due to the rules 
(in) and (out), since they put a marked net in all the possible contexts. If we consider 
just the rule (tr), then bisimilarity fails to be a congruence. Thus also for open nets, 
the canonical definition of bisimulation consists in inserting the system in all the possible 
contexts and observing what happens. 

In the remainder of the paper we will use as running example the open nets in Figure 3.
Since all the places have different names (with the exception of $), to lighten
the notation we write only the marking to mean the corresponding marked net, e.g. \(b^2\$\)
means the marked net \((N_1, b^2\$)\).

The marked net a (i.e., \((N_1, a)\)) represents a system that provides a service β. After
the activation α, it provides β whenever the client pays one $ (i.e., the environment inserts
a token into $). The marked net c instead requires five $ during the activation, but then
provides the service β for free. The marked net e requires three $ during the activation.
For three times, the service β is performed for free and then it costs one $. It is easy to see
that all these marked nets are not bisimilar. Indeed, a client that has only one $ can have
the service β only with a, while a client with five $ can have the service β six times only
with c. The marked net r represents a system that offers the behaviour of both a and c, i.e.,
either the activation α is for free and then the service β costs one, or the activation costs
five and then the service is for free. This marked net is also different from all the others.

Now consider the marked net l. It offers the behaviour of both a and e, but it is
equivalent to a, i.e., \(l \sim^N a\). Roughly, the behaviour of e is absorbed by the behaviour of
a. This is analogous to what happens in the asynchronous π-calculus where it holds that
\(a(x).(\bar{a}x \mid p) + \tau.p \sim^1 \tau.p\).

The definition of \(\sim^N\) involves an infinite transition system and thus it is often hard to
check. As in the case of \(\sim^1\) for the asynchronous π-calculus, we would like to efficiently
characterize it. In the following we show an efficient characterization of \(\sim^N\), that we have
introduced in [8]. Here and in the rest of the paper, to simplify the presentation we
restrict to open nets with only input places. The general case is completely analogous and
can be found in [8j 0]. 

First of all, we have to define a symbolic transition system that, analogously to the
operational semantics of the asynchronous π, performs input-transitions only when needed.
We call it η.

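Intuitively, the symbolic transition \(N, m \xrightarrow{i,\lambda}_\eta N, m'\) is possible if and only if
\(N, m \oplus i \xrightarrow{\lambda} N, m'\) and i is the smallest multiset (on input places) allowing such a transition. This
transition system is formally defined by the following rule.

\[ \frac{t \in T \qquad l(t) = \lambda \qquad m = (m \cap {}^\bullet t) \oplus n \qquad i \subseteq I^\oplus \qquad {}^\bullet t = (m \cap {}^\bullet t) \oplus i}{N, m \xrightarrow{i,\lambda}_\eta N, t^\bullet \oplus n} \]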

The marking \(m \cap {}^\bullet t\) contains all the tokens of m that are needed to perform the transition
t. The marking n contains all the tokens of m that are not useful for performing t, while
the marking i contains all the tokens that m needs to reach \({}^\bullet t\). Note that i is exactly the
smallest multiset that is needed to perform the transition t. Indeed if we take \(i_1\) strictly
included into i, \(m \oplus i_1\) cannot match \({}^\bullet t\). As an example consider the net \(N_2\) in Figure 3 with
marking \(cd\$^2\) and let t be the only transition labeled with α. We have that \(cd\$^2 \cap {}^\bullet t = c\$^2\),
n = d and \(i = \$^3\). Thus \(N_2, cd\$^2 \xrightarrow{\$^3,\alpha}_\eta N_2, dd\), meaning that \(cd\$^2\) needs \(\$^3\) to perform α and
go into dd. Figure 3(C) shows some symbolic transition systems.
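
The decomposition used by the symbolic rule can be computed directly on multisets. The following is an added example, not code from the paper: the function names are hypothetical, the pre-set c$^5 and post-set d of t are derived from the worked values above, and the set of input places I = {$} is an assumption.

```python
from collections import Counter


def symbolic_step(marking, pre, post, input_places):
    """Return (i, target) for the symbolic transition of t, or None.

    marking, pre and post are multisets given as {place: multiplicity};
    input_places is the set I of input places of the net.
    """
    m, pre_t, post_t = Counter(marking), Counter(pre), Counter(post)
    used = m & pre_t      # m ∩ •t : tokens of m that t consumes
    n = m - used          # tokens of m that t does not touch
    i = pre_t - used      # tokens still missing to reach •t
    # Side condition i ⊆ I⊕: the environment can only add tokens to input places.
    if any(place not in input_places for place in i):
        return None
    return i, post_t + n  # label component i and target marking t• ⊕ n


def enabled_with(marking, pre, extra):
    """True when marking ⊕ extra contains •t, i.e. the concrete rule can fire t."""
    total = Counter(marking) + Counter(extra)
    return all(total[place] >= k for place, k in Counter(pre).items())


def is_smallest(marking, pre, i):
    """i enables t, and removing any single token from i disables it."""
    i = Counter(i)
    if not enabled_with(marking, pre, i):
        return False
    return not any(enabled_with(marking, pre, i - Counter({place: 1})) for place in i)


# Marking cd$^2 from the worked example; PRE_T and POST_T are derived from it,
# INPUTS = {"$"} is an assumption of this example.
MARKING = {"c": 1, "d": 1, "$": 2}
PRE_T = {"c": 1, "$": 5}
POST_T = {"d": 1}
INPUTS = {"$"}

if __name__ == "__main__":
    i, target = symbolic_step(MARKING, PRE_T, POST_T, INPUTS)
    print("i =", dict(i), "target =", dict(target))
    print("smallest:", is_smallest(MARKING, PRE_T, i))
    # A marking that lacks the non-input token c has no symbolic transition for t.
    print(symbolic_step({"d": 1, "$": 5}, PRE_T, POST_T, INPUTS))
```
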

Note that, analogously to \(\sim^{SYN}\) for the asynchronous π-calculus, the ordinary definition
of bisimilarity on the symbolic transition systems for nets does not coincide with \(\sim^N\).
Indeed the symbolic transition systems of a and l in Figure 3(C) are not bisimilar, but as
discussed above, \(a \sim^N l\). In order to efficiently characterize \(\sim^N\), we have to introduce the
following definition.
Definition 2.2 (Net-symbolic Bisimilarity). A symmetric relation R is a net-symbolic
bisimulation iff, whenever \((N_1, m_1)\ R\ (N_2, m_2)\):

• if \((N_1, m_1) \xrightarrow{i,\lambda}_\eta (N_1, m_1')\), then there exist a marking \(m_2'\) and \(j, k \in I^\oplus\) such that:

(a) \(i = j \oplus k\),

(b) \((N_2, m_2) \xrightarrow{j,\lambda}_\eta (N_2, m_2')\) and

(c) \((N_1, m_1')\ R\ (N_2, m_2' \oplus k)\).

Two marked nets are net-symbolic bisimilar (written \(\sim^{NS}\)) whenever there is a symbolic
bisimulation relating them.

For instance, the symmetric closure of the following relation is a net-symbolic
bisimulation.

\[ R = \{(l, a),\ (q, b),\ (m, b\$^3),\ (n, b\$^2),\ (o, b\$),\ (p, b)\} \]

In [8], we have shown that \(\sim^N = \sim^{NS}\). In Section 4 we will show that the former is an
instance of saturated bisimilarity, while the latter is an instance of symbolic bisimilarity.
In Sections 7.1 and 7.2 we will give a coalgebraic characterization of both \(\sim^N\) and \(\sim^{NS}\) by
means of saturated and normalized coalgebras.

3. A Simple Words Calculus 

In the next section we will show a theoretical framework encompassing both asynchronous
π-calculus and open Petri nets. In this section, we introduce a simple words calculus (swc)
as a further instance of the framework presented in the next section. The aim of this "toy
calculus" is to provide a gentler example of the concepts that will be introduced
afterward, by avoiding all the technicalities that arise with "real formalisms" like asynchronous
π-calculus and open Petri nets.

Let A be an alphabet of symbols (ranged over by a, b, c, ...) and A* be the set of finite
words over A (ranged over by u, v, w, ...). We use ε to denote the empty word and uv
to denote the concatenation of the words u and v. The set of processes is defined by the
following grammar (where \(u \in A^*\)).

\[ p ::= 0,\ u.p,\ p_1 + p_2 \]

A configuration is a pair \(u \triangleright p\) where u is a word (in A*) representing some resources and p
a process (generated by the above grammar). The set of all configurations (ranged over by
\(\gamma_1, \gamma_2, \ldots\)) is denoted by Conf. The algebra W has as carrier-set Conf and as operators
the words \(v \in A^*\). The function \(v_W : Conf \to Conf\) maps each configuration \(u \triangleright p\) into
\(uv \triangleright p\). Intuitively, \(v_W\) represents a context where configurations can be inserted: the
effect of this insertion is that of adding v (via word-concatenation) to the resources of the
configuration. This is analogous to asynchronous π-calculus and open nets. There, resources
are respectively outputs (in parallel) and tokens (in input places). Moreover, in those
formalisms the environment can arbitrarily add new resources (via context composition).

Differently from asynchronous π and open nets, in swc all the transitions are labeled
with the same observation •. Therefore, we fix the set of observations of swc to be \(O_W = \{\bullet\}\)
(the subscript W will be useful later to distinguish the observations of swc from those of
asynchronous π and open nets). The operational semantics of swc is given by the transition
relation \(tr_W \subseteq Conf \times O_W \times Conf\) defined by the following rules (together with the
symmetric one for +).

\[ uv \triangleright u.p \xrightarrow{\bullet} uv \triangleright p \qquad\qquad \frac{u \triangleright p \xrightarrow{\bullet} u \triangleright p'}{u \triangleright p + q \xrightarrow{\bullet} u \triangleright p'} \]

Intuitively, the process u.p needs the resources u in order to evolve. If u is present in the
configuration (as a suffix) then u.p becomes p. Note that, differently from asynchronous π
and open nets, the resources u are not consumed, but only "read" (we have chosen to give
this read-behavior to swc just to simplify the following examples).

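Definition 3.1 (Saturated Bisimilarity for swc). Let \(R \subseteq Conf \times Conf\) be a symmetric
relation. R is a saturated bisimulation iff, \(\forall v \in A^*\), whenever \(\gamma_1\ R\ \gamma_2\):

• \(v_W(\gamma_1)\ R\ v_W(\gamma_2)\),

• if \(\gamma_1 \xrightarrow{\bullet} \gamma_1'\), then \(\exists \gamma_2'\) such that \(\gamma_2 \xrightarrow{\bullet} \gamma_2'\) and \(\gamma_1'\ R\ \gamma_2'\).

We write \(\gamma_1 \sim^S \gamma_2\) iff there is a saturated bisimulation R such that \(\gamma_1\ R\ \gamma_2\).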

For instance, the configurations \(ab \triangleright ab.0\) and \(ab \triangleright \varepsilon.0\) are saturated bisimilar, because
for any word v both \(abv \triangleright ab.0\) and \(abv \triangleright \varepsilon.0\) can only perform one transition and then stop.
A more interesting example is the following. For all words \(u, v \in A^*\) such that v = uw (i.e.,
u is a prefix of v), it holds that

\[ \varepsilon \triangleright u.p + v.p \ \sim^S\ \varepsilon \triangleright u.p \]

because for any word \(v' \in A^*\), \(v' \triangleright u.p + v.p\) and \(v' \triangleright u.p\) have the same behaviour. For those
v' having u as prefix (i.e., v' = uw'), both the configurations can only perform transitions
going into \(v' \triangleright p\); for those v' where u is not a prefix, both the configurations stop. As it
happens for the asynchronous π-calculus and open nets, the behaviour of v.p is somehow
"absorbed" by the behaviour of u.p. By joining the two previous examples, we have that:

\[ \varepsilon \triangleright a.ab.0 + ab.\varepsilon.0 \ \sim^S\ \varepsilon \triangleright a.ab.0 \]

Indeed, for all the words \(v' \in A^*\) having ab as a prefix (i.e., v' = abw') the configuration
\(abw' \triangleright a.ab.0 + ab.\varepsilon.0\) can go either to \(abw' \triangleright ab.0\) or to \(abw' \triangleright \varepsilon.0\), while the configuration
\(abw' \triangleright a.ab.0\) can only go to \(abw' \triangleright ab.0\) that, as shown in our first example, is bisimilar to
\(abw' \triangleright \varepsilon.0\). For all the other words, the two configurations behave in exactly the same way.

To simplify the explanation, it is useful to introduce the saturated transition system:
\(u \triangleright p \xrightarrow{v,\bullet}_S u' \triangleright p'\) iff \(uv \triangleright p \xrightarrow{\bullet} u' \triangleright p'\). It is easy to see that the standard notion of bisimilarity
on this transition system coincides with \(\sim^S\). The saturated transition systems of \(\varepsilon \triangleright u.p + v.p\)
and \(\varepsilon \triangleright u.p\) are shown in Figure 4(A). To lighten the notation, in that figure and in
the following ones we have omitted the observation •. Note that \(\varepsilon \triangleright u.p + v.p\) and \(\varepsilon \triangleright u.p\)
perform the same saturated transitions (and thus they are saturated bisimilar, as discussed
above).

In order to give a more efficient characterization of ~ 5 (that avoids the quantification 
over all words v € A*), we define a symbolic transition system that, like the saturated 
transition system, is labeled with pairs v, • (for v £ A*). The main difference is that a 
symbolic transition u\> p u' o p' is performed only when v is the "minimal word" such 
that uv O p — >■ it' O p'. The symbolic transition system u C Conf x A* x Oyy x Conf is 

Figure 4: (A) The saturated transition systems of $\epsilon \triangleright u.p + v.p$ and $\epsilon \triangleright u.p$. (B) The symbolic
transition systems of $\epsilon \triangleright u.p + v.p$ and $\epsilon \triangleright u.p$. (C) The symbolic transition systems
of $\gamma_1 = \epsilon \triangleright a.ab.0 + ab.\epsilon.0$ and $\gamma_2 = \epsilon \triangleright a.ab.0$.


defined by the following rules (together with the symmetric rule for +). 

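$$
\frac{}{uv \triangleright u.p \xrightarrow{\epsilon,\bullet}_{\omega} uv \triangleright p}
\qquad
\frac{}{u \triangleright uv.p \xrightarrow{v,\bullet}_{\omega} uv \triangleright p}
\qquad
\frac{u \triangleright p \xrightarrow{v,\bullet}_{\omega} u' \triangleright p'}{u \triangleright p + q \xrightarrow{v,\bullet}_{\omega} u' \triangleright p'}
$$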

In the central rule, the process $uv.p$ needs the resources $uv$ to evolve. In the configuration,
there are only $u$ resources and thus the process "takes from the environment" the word $v$.
In the leftmost rule, all the needed resources ($u$) are already present in the configuration (as
a prefix) and thus the process can evolve without taking resources from the environment
(i.e., by taking $\epsilon$). The symbolic transition systems of $\epsilon \triangleright u.p + v.p$ and $\epsilon \triangleright u.p$ are depicted
in Figure 4(B). Note that the former process can perform one symbolic transition more than
the latter, even if they perform the same saturated transitions. The symbolic transition
systems of $\gamma_1 = \epsilon \triangleright a.ab.0 + ab.\epsilon.0$ and $\gamma_2 = \epsilon \triangleright a.ab.0$ are shown in Figure 4(C).

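Note that the standard notion of bisimilarity defined over $\rightarrow_{\omega}$ (hereafter called syntactic
bisimilarity and denoted by $\sim^W$) is strictly included into $\sim^S$. For example, $\epsilon \triangleright u.p$ and
$\epsilon \triangleright u.p + v.p$ (with $u$ prefix of $v$) are in $\sim^S$ but not in $\sim^W$ because $\epsilon \triangleright u.p + v.p \xrightarrow{v,\bullet}_{\omega} v \triangleright p$,
while $\epsilon \triangleright u.p$ only performs a symbolic transition labeled with $u$. The same holds for
$\epsilon \triangleright a.ab.0 + ab.\epsilon.0$ and $\epsilon \triangleright a.ab.0$.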

In order to capture ~ s by exploiting the symbolic transition system we need a more 
elaborated notion of bisimulation that relies on an inference system. For better explaining 
it, observe that the following "monotonicity property" holds: 

$\forall v \in A^*$ and $\forall u \triangleright p, u' \triangleright p' \in Conf$, if $u \triangleright p \xrightarrow{\bullet} u' \triangleright p'$, then $uv \triangleright p \xrightarrow{\bullet} u'v \triangleright p'$.

This property states that when adding the resources $v$ to the original configuration (or,
equivalently, when inserting the configuration into the context $v_W(-)$), all the transitions
of the original configuration are preserved. This is analogous to what happens in the
asynchronous $\pi$-calculus (where putting outputs in parallel does not inhibit any transition) and
in open Petri nets (where inserting tokens in input places does not inhibit any transition).

An inference system is a set of rules stating properties like those just described. For 
the case of swc, the inference system $T_W$ is defined by the following rule (parametric w.r.t.
$v \in A^*$).

$$\frac{\gamma \xrightarrow{\bullet} \gamma'}{v_W(\gamma) \xrightarrow{\bullet} v_W(\gamma')}$$

This rule just states the above monotonicity property. Moreover, it induces a derivation
relation $\vdash_{T_W} \subseteq (Conf \times A^* \times O_W \times Conf) \times (Conf \times A^* \times O_W \times Conf)$ as follows:

$$\gamma \xrightarrow{u,\bullet} \gamma' \;\vdash_{T_W}\; \gamma \xrightarrow{uv,\bullet} v_W(\gamma')$$
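Consider the saturated transitions of $\epsilon \triangleright u.p + v.p$ in Figure 4(A) and fix $\gamma = \epsilon \triangleright u.p + v.p$.

We have that $(\gamma \xrightarrow{u,\bullet}_S u \triangleright p) \vdash_{T_W} (\gamma \xrightarrow{ua,\bullet}_S ua \triangleright p) \vdash_{T_W} (\gamma \xrightarrow{uaa,\bullet}_S uaa \triangleright p) \vdash_{T_W} \dots$ More
generally, $\forall w \in A^*$,

$$\gamma \xrightarrow{u,\bullet}_S u \triangleright p \;\vdash_{T_W}\; \gamma \xrightarrow{uw,\bullet}_S uw \triangleright p$$

and in the case of $\gamma = \epsilon \triangleright u.p + v.p$ in Figure 4(B), this means that

$$\gamma \xrightarrow{u,\bullet}_{\omega} u \triangleright p \;\vdash_{T_W}\; \gamma \xrightarrow{v,\bullet}_{\omega} v \triangleright p.$$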

This is somehow useful to understand the causes of the mismatch between $\sim^S$ and $\sim^W$
(syntactic bisimilarity). First, observe that symbolic transitions can derive through $T_W$ all
and only the saturated transitions (this will be formally shown in the next section). Then,
recall that the configurations $\epsilon \triangleright u.p + v.p$ and $\epsilon \triangleright u.p$ are in $\sim^S$ because they can perform the
same saturated transitions, but they are not in because the former can perform the
symbolic transition $\xrightarrow{v,\bullet}_{\omega}$. This symbolic transition is redundant since it can be derived from
through the inference system $T_W$. More explicitly, all the saturated transitions that
can be derived from $\rightarrow_{\omega}$ can also be derived from and thus does not add any
meaningful information about the saturated behaviour of the configuration. We can avoid
this problem by employing the following notion of bisimulation.

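Definition 3.2 (Symbolic Bisimilarity for swc). Let $R \subseteq Conf \times Conf$ be a symmetric
relation. $R$ is a symbolic bisimulation iff whenever $\gamma_1 R \gamma_2$:

• if $\gamma_1 \xrightarrow{v,\bullet}_{\omega} \gamma_1'$, then $\exists \gamma_2', \gamma_2'' \in Conf, u \in A^*$ s.t. $\gamma_2 \xrightarrow{u,\bullet}_{\omega} \gamma_2'$, $\gamma_2 \xrightarrow{u,\bullet}_{\omega} \gamma_2' \vdash_{T_W} \gamma_2 \xrightarrow{v,\bullet} \gamma_2''$ and

We write $\gamma_1 \sim^{SYM} \gamma_2$ iff there is a symbolic bisimulation $R$ such that $\gamma_1 R \gamma_2$.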

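For example $\epsilon \triangleright u.p + v.p \sim^{SYM} \epsilon \triangleright u.p$ (when $v = uw$), because if $\epsilon \triangleright u.p + v.p \xrightarrow{v,\bullet}_{\omega} v \triangleright p$,
then $\epsilon \triangleright u.p \xrightarrow{u,\bullet}_{\omega} u \triangleright p$ and this transition derives $\epsilon \triangleright u.p \xrightarrow{v,\bullet} w_W(u \triangleright p)$, that is
$\epsilon \triangleright u.p \xrightarrow{v,\bullet} v \triangleright p$.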

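For an example of symbolic bisimulation, take $\gamma_1 = \epsilon \triangleright a.ab.0 + ab.\epsilon.0$ and $\gamma_2 = \epsilon \triangleright a.ab.0$
in Figure 4(C) and consider the symmetric closure of the following relation.

$$R = \{(\gamma_1, \gamma_2),\ (a \triangleright ab.0,\ a \triangleright ab.0),\ (ab \triangleright \epsilon.0,\ ab \triangleright ab.0),\ (ab \triangleright 0,\ ab \triangleright 0)\}$$

For the last three pairs, it is easy to check that the configurations satisfy the above
requirements. For $(\gamma_1, \gamma_2)$, this is more interesting: the transition $\gamma_1 \xrightarrow{ab,\bullet}_{\omega} ab \triangleright \epsilon.0$ can be matched
by $\gamma_2 \xrightarrow{a,\bullet}_{\omega} a \triangleright ab.0$ because, by definition of $\vdash_{T_W}$, $\gamma_2 \xrightarrow{a,\bullet}_{\omega} a \triangleright ab.0 \vdash_{T_W} \gamma_2 \xrightarrow{ab,\bullet} ab \triangleright ab.0$ and
$(ab \triangleright \epsilon.0,\ ab \triangleright ab.0) \in R$.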
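
The check of this relation can be carried out mechanically. The following Python sketch is an added example, not code from the paper: it implements the three rules of the symbolic transition system, the derivation induced by the inference system for swc, and the symbolic bisimulation condition (closed by requiring the derived target to be related, as in Definition 4.11), and contrasts it with syntactic bisimilarity. The tuple encoding of processes and all function names are assumptions of this example; the observation (always the bullet) is left implicit.

```python
"""Simple words calculus: symbolic transitions and symbolic bisimulation."""

NIL = ("nil",)                      # the process 0


def pre(u, p):
    """Prefix process u.p, where u is a word (a Python string)."""
    return ("pre", u, p)


def plus(p, q):
    """Choice p + q."""
    return ("sum", p, q)


def symbolic_transitions(conf):
    """Return the set {(v, target)} of symbolic transitions of conf = (w, p)."""
    w, p = conf
    if p[0] == "nil":
        return set()
    if p[0] == "sum":               # rule for + and its symmetric version
        return symbolic_transitions((w, p[1])) | symbolic_transitions((w, p[2]))
    _, x, cont = p
    if w.startswith(x):             # leftmost rule: resources already present
        return {("", (w, cont))}
    if x.startswith(w):             # central rule: take the missing suffix
        return {(x[len(w):], (x, cont))}
    return set()                    # resources and prefix diverge: stuck


def derived_target(label, target, wanted):
    """If the transition (label, target) derives one labeled `wanted`,
    return its target v_W(target); otherwise return None."""
    if not wanted.startswith(label):
        return None
    w, p = target
    return (w + wanted[len(label):], p)


def symmetric_closure(rel):
    return set(rel) | {(b, a) for a, b in rel}


def is_symbolic_bisimulation(rel):
    """Each move of g1 must be matched by a move of g2 that derives it."""
    rel = symmetric_closure(rel)
    for g1, g2 in rel:
        for v, g1p in symbolic_transitions(g1):
            if not any((g1p, derived_target(u, g2p, v)) in rel
                       for u, g2p in symbolic_transitions(g2)):
                return False
    return True


def is_syntactic_bisimulation(rel):
    """Ordinary bisimulation on the symbolic system: labels must coincide."""
    rel = symmetric_closure(rel)
    for g1, g2 in rel:
        for v, g1p in symbolic_transitions(g1):
            if not any(u == v and (g1p, g2p) in rel
                       for u, g2p in symbolic_transitions(g2)):
                return False
    return True


# The two configurations and the relation R of the running example.
GAMMA1 = ("", plus(pre("a", pre("ab", NIL)), pre("ab", pre("", NIL))))
GAMMA2 = ("", pre("a", pre("ab", NIL)))
R_PAGE = {
    (GAMMA1, GAMMA2),
    (("a", pre("ab", NIL)), ("a", pre("ab", NIL))),
    (("ab", pre("", NIL)), ("ab", pre("ab", NIL))),
    (("ab", NIL), ("ab", NIL)),
}

if __name__ == "__main__":
    print("symbolic bisimulation: ", is_symbolic_bisimulation(R_PAGE))
    print("syntactic bisimulation:", is_syntactic_bisimulation(R_PAGE))
```

Running it reports that the relation is a symbolic bisimulation but not a syntactic one, because the second configuration has no symbolic transition labeled $ab$.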

In the next section we will show that $\sim^S = \sim^{SYM}$. Before concluding this section, it
is worth making a final remark. The reader might have thought that in order to retrieve
$\sim^S$ from the symbolic transition system, one could just remove all the "redundant
transitions", i.e., all those symbolic transitions $\gamma \rightarrow_{\omega} \gamma''$ such that there exists another symbolic
transition $\gamma \rightarrow_{\omega} \gamma'$ deriving it (in Section 7 this removal will be called normalization). It
is important to show that this is not enough to retrieve consider the symbolic
transition systems of $\gamma_1 = \epsilon \triangleright a.ab.0 + ab.\epsilon.0$ and $\gamma_2 = \epsilon \triangleright a.ab.0$ shown in Figure 4(C).
They have no redundant transitions, but still $\gamma_1 \sim^S \gamma_2$ and $\gamma_1 \not\sim^W \gamma_2$. The transition
$\gamma_1 \xrightarrow{ab,\bullet}_{\omega} ab \triangleright \epsilon.0$ is not redundant, because $\gamma_1 \xrightarrow{a,\bullet}_{\omega} a \triangleright ab.0 \not\vdash_{T_W} \gamma_1 \xrightarrow{ab,\bullet}_{\omega} ab \triangleright \epsilon.0$, since
$b_W(a \triangleright ab.0) = ab \triangleright ab.0 \neq ab \triangleright \epsilon.0$. However, it is semantically redundant, because
$\gamma_1 \xrightarrow{a,\bullet}_{\omega} a \triangleright ab.0 \vdash_{T_W} \gamma_1 \xrightarrow{ab,\bullet} ab \triangleright ab.0$ and the states $ab \triangleright ab.0$ and $ab \triangleright \epsilon.0$ are semantically
equivalent (i.e., $ab \triangleright ab.0 \sim^S ab \triangleright \epsilon.0$).

In order to characterize $\sim^S$ through $\omega$, we should eliminate all the semantically
redundant transitions, but this is impossible without knowing a priori This is the main
motivation for the introduction of normalized coalgebras in Section 7.

4. Saturated and Symbolic Semantics 

In Section 1 and Section 2 we have introduced the asynchronous $\pi$-calculus and open Petri nets.
In both cases, their abstract semantics is defined in two different ways: either by inserting
the systems into all possible contexts (like and $\sim$ ) or by inserting the system only in
those contexts that are really needed (like $\sim^a$ and $\sim^{NS}$). Moreover, the latter coincides
with the former and thus can be thought of as an efficient characterization of the former.

This sort of "double definition" of the abstract semantics recurs in many formalisms
modeling interactive systems, such as mobile ambients [12], open $\pi$-calculus [41] and explicit
fusion calculus [43]. In [8], we have introduced a theoretical framework that generalizes this
"double definition" and encompasses all the above mentioned formalisms. In this section
we recall this framework by employing as running examples the simple words calculus, the
asynchronous $\pi$-calculus and open Petri nets.

4.1. Saturated Semantics. Given a small category $C$, a $\Gamma(C)$-algebra is an algebra for
the algebraic specification in Figure 5 where $|C|$ denotes the set of objects of $C$, $||C||$ the
set of arrows of $C$ and, for all $i, j \in |C|$, $C[i,j]$ denotes the set of arrows from $i$ to $j$. Thus,
a $\Gamma(C)$-algebra $X$ consists of a $|C|$-sorted family $X = \{X_i \mid i \in |C|\}$ of sets and a function
$c_X : X_i \to X_j$ for all $c \in C[i,j]$. Moreover, these functions must satisfy the equations in
Figure 5: $id_{iX}$ is the identity function on $X_i$ and if $d; e = c$ in $C$, $(d; e)_X$ is equal to $c_X$.¹
Hereafter, we will use $\int X$ to denote the set of the elements of a $\Gamma(C)$-algebra $X$, namely,
the disjoint union $\sum_{i \in |C|} X_i$.

The main definition of the framework presented in [8] is that of context interactive 
systems. In our theory, an interactive system is a state-machine that can interact with the 
environment (contexts) through an evolving interface. 

Definition 4.1 (Context Interactive System). A context interactive system $\mathcal{I}$ is a quadruple
$(C, X, O, tr)$ where:

• $C$ is a small category,

• $X$ is a $\Gamma(C)$-algebra,

• $O$ is a set of observations,

• $tr \subseteq \int X \times O \times \int X$ is a labeled transition relation ($p \xrightarrow{o} p'$ means $(p, o, p') \in tr$).

specification $\Gamma(C)$ =
  sorts
    $i$    $\forall i \in |C|$
  operations
    $c : i \to j$    $\forall c \in C[i,j]$
  equations
    $id_i(x) = x$
    $e(d(x)) = c(x)$    $\forall d; e = c$
Figure 5: Algebraic specification $\Gamma(C)$.

¹ Note that $\Gamma(C)$-algebras coincide with functors from $C$ to Set and $\Gamma(C)$-homomorphisms coincide with
natural transformations amongst functors. Thus, $Alg_{\Gamma(C)}$ is isomorphic to $Set^C$ (the category of covariant
presheaves over $C$).

Intuitively, objects of $C$ are interfaces of the system, while arrows are contexts. Every
element $p$ of $X_i$ represents a state with interface $i$ and it can be inserted into the context
$c \in C[i,j]$, obtaining a new state $c_X(p)$ that has interface $j$. Every state can evolve into a
new state (possibly with different interface) producing an observation $o \in O$.

The abstract semantics of interactive systems is usually defined through behavioural 
equivalences. In [8] we proposed a general notion of bisimilarity that generalizes the abstract 
semantics of a large variety of formalisms [12] [1] |HJ [37] [44] E]. The idea is that two states
of a system are equivalent if they are indistinguishable from an external observer that, in 
any moment of their execution, can insert them into some environment and then observe 
some transitions. 

Definition 4.2 (Saturated Bisimilarity). Let $\mathcal{I} = (C, X, O, tr)$ be a context interactive
system. Let $R = \{R_i \subseteq X_i \times X_i \mid i \in |C|\}$ be a $|C|$-sorted family of symmetric relations. $R$
is a saturated bisimulation iff, $\forall i, j \in |C|$, $\forall c \in C[i,j]$, whenever $p R_i q$:

• $c_X(p) \; R_j \; c_X(q)$,

• if $p \xrightarrow{o} p'$ with $p' \in X_k$ for some $k \in |C|$, then $\exists q' \in X_k$ such that $q \xrightarrow{o} q'$ and $p' R_k q'$.

We write $p \sim^S_i q$ iff there is a saturated bisimulation $R$ such that $p R_i q$.

An alternative but equivalent definition can be given by defining the saturated transition
system (satts) as follows: $p \xrightarrow{c,o}_S q$ if and only if $c_X(p) \xrightarrow{o} q$. Trivially the ordinary
bisimilarity over satts coincides with

Proposition 4.3. $\sim^S$ is the coarsest bisimulation congruence.

A Context Interactive System for swc. In Section 3 we have introduced a simple
words calculus. Here we show its context interactive system $\mathcal{W} = (Wor, W, O_W, tr_W)$.
Recall that $\epsilon$ is the empty word and that $uv$ denotes the concatenation of the words $u$ and
$v$. The category Wor is defined as follows:

• $|Wor| = \{o\}$;

• $Wor[o, o] = A^*$;

• $id_o = \epsilon$;

• $\forall u, v \in A^*$, $u; v = uv$.

The algebra $W$, the set of observations $O_W$ and the transition relation $tr_W$ have been
already introduced in Section 3. In swc, all the configurations have the same interface (sort)
and thus, in the category Wor there is only one object. It is easy to see that saturated
bisimilarity for swc (Definition 3.1) is an instance of Definition 4.2.

A Context Interactive System for open Petri nets. In the following we formally
define $\mathcal{N} = (Tok, N, \Lambda, tr_N)$ that is the context interactive system of all open nets (labeled
over the set of labels $\Lambda$). Let $Pl$ be an infinite set. We assume that the input places of all
open nets are taken from $Pl$. Formally, we assume that if $I$ is the set of input places of an
open net $N$, then $I \in \mathcal{P}(Pl)$ (where $\mathcal{P}(Pl)$ denotes the powerset of $Pl$).
The category Tok is formally defined as follows:

• $|Tok| = \{I \mid I \in \mathcal{P}(Pl)\}$;

• $\forall I, J \in |Tok|$, if $I = J$ then $Tok[I, J] = I^{\oplus}$ while, if $I \neq J$ then $Tok[I, J] = \emptyset$;

• $\forall I \in |Tok|$, $id_I = \emptyset$;

• $\forall i_1, i_2 \in I^{\oplus}$, $i_1; i_2 = i_1 \oplus i_2$.

Intuitively objects are sets of places $I$. Arrows $i : I \to I$ are multisets of tokens on $I$,
while there exists no arrow $i : I \to J$ for $I \neq J$. Composition of arrows is just the sum of
multisets and, obviously, the identity arrow is the empty multiset.

We say that a marked open net $(N, m)$ has interface $I$ if the set of input places of $N$ is
$I$. For example the marked open net $(N_1, a)$ has interface $\{\$\}$. Let us define the $\Gamma(Tok)$-algebra
$N$. For any sort $I$, the carrier set $N_I$ contains all the marked open nets with interface
$I$. For any operator $i \in Tok[I, I]$, the function maps $(N, m)$ into $(N, m \oplus i)$.

The transition structure $tr_N$ (denoted by $\rightarrow_N$) associates to a state $(N, m)$ the
transitions obtained by using the rule (tr) of Table El. The saturated transition system of $(N_1, a)$
is shown in Figure E^B).

Proposition 4.4. Let $(N_1, m_1)$ and $(N_2, m_2)$ be two marked nets both with interface $I$.
Thus $(N_1, m_1) \sim^N (N_2, m_2)$ iff $(N_1, m_1) \sim^S_I (N_2, m_2)$.

A Context Interactive System for asynchronous $\pi$. We now introduce the context
interactive system $\mathcal{A} = (Out, A, O_A, tr_A)$ for the asynchronous $\pi$-calculus. First, we assume
the set of names $\mathcal{N}$ to be in one to one correspondence with $\omega_0$ (the set of natural numbers
$\omega$ without the number 0). In $\mathcal{A}$, we use numbers in $\omega_0$ in place of names in $\mathcal{N}$, but for the
sake of readability, in all the concrete examples of processes we use names $a, b, c, \dots \in \mathcal{N}$
thought of as the natural numbers $1, 2, 3, \dots \in \omega_0$. We need such correspondence, because
we use the well order $1 < 2 < 3 \dots$. Given an $n \in \omega$, it denotes both the number and the set
of numbers in $\omega_0$ smaller than or equal to $n$. For instance, 2 denotes both the number 2 and
the set $\{1, 2\}$ that correspond, respectively, to the name $b$ and to the set of names $\{a, b\}$;
while 0 denotes both the number 0 and the empty set: the former does not correspond to
any name and the latter corresponds to the empty set of names $\emptyset$. In the following, we will
use the names in $\mathcal{N}$ and numbers in $\omega_0$ interchangeably. Also, having fixed some sets $n, m, \dots$
we will use $i, j$ to range over the elements of these sets.

The category of interfaces and contexts is Out, formally defined as follows:

• $|Out| = \omega$;

• if $m \geq n$, then $Out[n, m]$ is the set of contexts generated by $c ::= -,\ c \mid \bar{i}j$, with $i, j \in m$;
if $m < n$, then $Out[n, m] = \emptyset$;

• $\forall n \in \omega$, $id_n$ is $- \in Out[n, n]$;

• arrows composition is the syntactic composition of contexts.

Note that a context could correspond to several arrows with different sources and
targets. For instance, the context $- \mid \bar{1}2$ (corresponding to $- \mid \bar{a}b$) is, e.g., both an arrow
$0 \to 2$ and an arrow $1 \to 6$. The composition of the arrow $- \mid \bar{1}2 : 0 \to 2$ with $- \mid \bar{3}4 : 2 \to 5$
is $- \mid \bar{1}2 \mid \bar{3}4 : 0 \to 5$.

Let us define the $\Gamma(Out)$-algebra $A$. For every object $n$, $A_n$ is the set of asynchronous
$\pi$-processes $p$ such that $n \geq \max fn(p)$. Intuitively in asynchronous $\pi$, interfaces are sets
of names. A process with interface $n$ uses only names in $n$ (not all, just some). Given
a process $p$ and a natural number $n \geq \max fn(p)$, we denote with $p_n$ the process $p$ with
interface $n$. For instance, there exist several processes corresponding to $\tau.0$: $\tau.0_0$, $\tau.0_1$, $\dots$
Each of these is considered different from the others because it has a different interface. This
may seem a bit strange, but is quite standard in categorical semantics of process calculi
[13 ESI EI] as well as in their graphical encodings [32] H5| [5] [20].

Extensively, 0 is the empty interface and $A_0$ is the set of all $\pi$-processes without free
names. The set $A_1$ contains all the processes with free names in $\{1\}$ (corresponding to $\{a\}$)
and $A_2$ contains all the processes with free names in $\{1, 2\}$ (corresponding to $\{a, b\}$) and so
on.

In order to fully define $A$, we still have to specify its operations $c_A$ for all $c \in Out[n, m]$.
Given a process $p \in A_n$, $c_A(p)$ is the process with interface $m$ obtained by syntactically
inserting $p$ into $c$. For instance, $a(x).\bar{x}a_1$ can be inserted into $- \mid \bar{b}c : 1 \to 3$ obtaining the
process $a(x).\bar{x}a \mid \bar{b}c_3$.

Note that, differently from what happens in open nets, an asynchronous $\pi$-process can
dynamically enlarge its interface by receiving names in input or extruding some restricted
name. Name extrusion is an essential feature of the $\pi$-calculus that can be easily explained
by looking at the rule (opn) in Table 1: the name $b$ is local (i.e., bound) in $\nu b.p$, but it
becomes global (i.e., free) whenever $p$ sends it to the environment. In $\mathcal{A}$, we are going to
assume that processes $p_n$ with interface $n$ always extrude the name $n + 1$: this ensures that
the extruded name is fresh (i.e., $n + 1 \notin fn(p_n)$).

The set of observations is $O_A = \{\bar{i}j, \bar{i}(), \tau \mid i, j \in \omega_0\}$. Note that the input action is not
an observation, since in the asynchronous case it is not observable. Moreover note that in
the bound output, the sent name does not appear. This is because any process with sort
$n$ will send as bound output the name $n + 1$.

The transition structure $tr_A$ (denoted by $\rightarrow_A$) is defined by the following rules, where
$i, j \in \omega_0$ represent in the premises the corresponding names in $\mathcal{N}$, while in the conclusion
the numbers in $\omega_0$. Moreover the transition relation in the premise is the one in Table 1.

$$
\frac{p \xrightarrow{\tau} p'}{p_n \xrightarrow{\tau}_A p'_n}
\qquad
\frac{p \xrightarrow{\bar{i}j} p'}{p_n \xrightarrow{\bar{i}j}_A p'_n}
\qquad
\frac{p \xrightarrow{\bar{i}(n+1)} p'}{p_n \xrightarrow{\bar{i}()}_A p'_{n+1}}
$$

Note that for $\tau$ and not-bound output, $fn(p') \subseteq fn(p) \subseteq n$, and thus $p' \in A_n$. For the case
of bound output instead, the extruded name $n + 1$ could occur free in $p'$. Thus $fn(p') \subseteq n + 1$
and $p' \in A_{n+1}$.

In our context interactive system $\mathcal{A}$, processes only perform $\tau$ and output transitions.
The contexts are all the possible outputs. Therefore it is almost trivial to see that saturated
bisimilarity coincides with $\sim^1$. Figure [TJ^C) shows the saturated transition system of $\tau.0_1$.

Proposition 4.5. Let $p, q$ be asynchronous $\pi$-processes, and let $n \geq \max fn(p \cup q)$. Then
$p \sim^1 q$ iff $p_n \sim^S_n q_n$.

4.2. Symbolic Semantics. Saturated bisimulation is a good notion of equivalence but it is 
hard to check, since it involves a quantification over all contexts. In [8], we have introduced 
a general notion of symbolic bisimilarity that coincides with saturated bisimilarity, but
avoids considering all contexts. The idea is to define a symbolic transition system where
transitions are labeled both with the usual observation and also with the minimal context 
that allows the transition. First we need to introduce context transition systems. 

Definition 4.6 (Context Transition System). Given a category $C$, a $\Gamma(C)$-algebra $X$ and a
set of observations $O$, a context transition system $\beta \subseteq \int X \times ||C|| \times O \times \int X$ is a transition
relation labeled with $||C|| \times O$ ($p \xrightarrow{c,o}_{\beta} p'$ means that $(p, c, o, p') \in \beta$).

An example of context transition system is $\eta$ defined in Section 2: each transition is
labeled with both a multiset of tokens $i$ and an observation $\lambda$. Also the saturated transition
system is a context transition system. Hereafter, given a context transition system $\beta$,
we will write $\xrightarrow{c,o}_{\beta}$ to denote the transitions of $\beta$, $\xrightarrow{c,o}_S$ to denote the saturated transitions
and $\xrightarrow{c,o}$ (without subscript) to denote the transitions of the total context transition system
$t = \int X \times ||C|| \times O \times \int X$.

Definition 4.7 (Inference System). Given a category $C$, a $\Gamma(C)$-algebra $X$ and a set of
observations $O$, an inference system $T$ is a set of rules of the following format, where
$i, j \in |C|$, $o, o' \in O$, $c \in C[i, i']$ and $d \in C[j, j']$.

$$\frac{p_i \xrightarrow{o} q_j}{c(p_i) \xrightarrow{o'} d(q_j)}$$

In this rule, $i$, $j$, $o$, $o'$, $c$ and $d$ are constants, while $p_i$ and $q_j$ are variables ranging over $X_i$
and $X_j$, respectively. Therefore, the above rule states that all processes with interface $i$ that
perform a transition with observation $o$ going into a state $q_j$ with interface $j$, when inserted
into the context $c$ can perform a transition with the observation $o'$ going into $d(q_j)$. In other
words, this rule is in a (multisorted) SOS format, where the operators (here, contexts) are
unary and there is only one transition in the premise of the rules. Note that, however,
this kind of rules is not intended to be used for expressing the operational semantics of a
formalism (as in the case of SOS), but instead for describing "useful properties" about how
contexts modify the behaviour of systems.

In the following, we write $c \xrightarrow[o']{o} d$ to mean a rule like the above. The rules $c \xrightarrow[o']{o} c'$
and $d \xrightarrow[o'']{o'} d'$ derive the rule $c; d \xrightarrow[o'']{o} c'; d'$ if $c; d$ and $c'; d'$ are defined. Given an
inference system $T$, $\Phi(T)$ is the set of all the rules derivable from $T$ together with the identities


Definition 4.8 (Derivations). Let $C$ be a category, $X$ be a $\Gamma(C)$-algebra, $O$ be a set of
observations. An inference system $T$ defines a derivation relation $\vdash_T \subseteq t \times t$ amongst the
transitions of the total context transition system.
We say that $p \xrightarrow{c_1,o_1} p_1$ derives $p \xrightarrow{c_2,o_2} p_2$ (written $p \xrightarrow{c_1,o_1} p_1 \vdash_T p \xrightarrow{c_2,o_2} p_2$) if there exist
$d, e \in ||C||$ such that $d \xrightarrow[o_2]{o_1} e \in \Phi(T)$, $c_1; d = c_2$ and $e_X(p_1) = p_2$.

SYMBOLIC AND ASYNCHRONOUS SEMANTICS VIA NORMALIZED COALGEBRAS

Note that the above definition can be extended to the transitions of any pairs of context
transition systems $\beta_1, \beta_2$: $p \xrightarrow{c_1,o_1}_{\beta_1} p_1 \vdash_T p \xrightarrow{c_2,o_2}_{\beta_2} p_2$ iff $p \xrightarrow{c_1,o_1} p_1 \vdash_T p \xrightarrow{c_2,o_2} p_2$.

Until now, context transition systems and inference systems are not related with the
transition relations $tr$ of context interactive systems. The following definition makes a link
between them.

Definition 4.9 (Soundness and Completeness). Let $\mathcal{I} = (C, X, O, tr)$ be a context
interactive system, $\beta$ a context transition system and $T$ an inference system.
We say that $\beta$ and $T$ are sound w.r.t. $\mathcal{I}$ iff

if $p \xrightarrow{c',o'}_{\beta} q'$ and $p \xrightarrow{c',o'}_{\beta} q' \vdash_T p \xrightarrow{c,o} q$, then $p \xrightarrow{c,o}_S q$.

We say that $\beta$ and $T$ are complete w.r.t. $\mathcal{I}$ iff

if $p \xrightarrow{c,o}_S q$, then there exists $p \xrightarrow{c',o'}_{\beta} q'$ such that $p \xrightarrow{c',o'}_{\beta} q' \vdash_T p \xrightarrow{c,o} q$.

Definition 4.10. Let $\mathcal{I} = (C, X, O, tr)$ be a context interactive system, $\beta$ a context
transition system and $T$ an inference system. If $\beta$ and $T$ are sound and complete w.r.t. $\mathcal{I}$ we
say that $\beta$ is a symbolic transition system (scts for short) for $\mathcal{I}$.

For instance, the saturated transition system $\eta$ (defined in Section 2 for open nets) is
a symbolic transition system (this will be formally stated in Proposition 4.16). Also the
saturated transition system is a symbolic transition system (take as $T$ the empty inference
system), while the total context transition system is usually not sound.

A symbolic transition system could be considerably smaller than the saturated
transition system, but still containing all the information needed to recover Note that the
ordinary bisimilarity over SCTS (hereafter called syntactic bisimilarity and denoted by $\sim^W$)
is usually strictly included in As an example consider the marked open nets $a$ and $l$.
These are not syntactically bisimilar, since $l \xrightarrow{\$^3,\alpha}_{\eta} m$ while $a$ cannot (FigureE^C)). However,
they are saturated bisimilar, since $\sim^S = \sim^N$. Analogously, the ordinary bisimilarity over the
lts of the asynchronous $\pi$ does not coincide with $\sim^1$: $a(b).\bar{a}b + \tau$ and $\tau$ are 1-bisimilar, but
not syntactically bisimilar (at the end of this section, we will show that also the transition
system of asynchronous $\pi$ in Table 1 is somehow a SCTS).

In the literature, several SCTS are defined in [41] [37] [44]. In these works, transitions are
labeled with both "fusions" of names and the ordinary labels. Other noteworthy examples
are the IPOs and the borrowed contexts of [29] and [16]: here all the transitions are labeled
only with the minimal contexts and the observations can be thought of as $\tau$s. Also in all these
cases, syntactic bisimilarity is too fine grained. In order to recover $\sim^S$ through the symbolic
transition system we need a more elaborated definition of bisimulation.

Definition 4.11 (Symbolic Bisimilarity). Let $\mathcal{I} = (C, X, O, tr)$ be an interactive system,
$T$ be a set of rules and $\beta$ be a context transition system. Let $R = \{R_i \subseteq X_i \times X_i \mid i \in |C|\}$
be a $|C|$-sorted family of symmetric relations. $R$ is a symbolic bisimulation iff $\forall i \in |C|$,
whenever $p R_i q$:

• if $p \xrightarrow{c,o}_{\beta} p'$, then $\exists c_1, o_1, q_1, q'$ such that $q \xrightarrow{c_1,o_1}_{\beta} q_1$ and $q \xrightarrow{c_1,o_1}_{\beta} q_1 \vdash_T q \xrightarrow{c,o} q'$ and $p' R_k q'$.

We write $p \sim^{SYM}_i q$ iff there exists a symbolic bisimulation $R$ such that $p R_i q$.

Theorem 4.12. Let $\mathcal{I}$ be a context interactive system, $\beta$ a context transition system and
$T$ an inference system. If $\beta$ and $T$ are sound and complete w.r.t. $\mathcal{I}$, then $\sim^{SYM} = \sim^S$.

Symbolic Semantics for swc. The symbolic transition system $\omega$ and the inference system
$T_W$ for swc have already been defined in Section 3. It is also easy to see that symbolic
bisimilarity for swc (Definition 3.2) is an instance of Definition 4.11. Therefore, in order to
apply Theorem 4.12 we only need to prove that $\omega$ and $T_W$ are sound and complete.

Proposition 4.13. $\omega$ and $T_W$ are sound and complete w.r.t. $\mathcal{W}$.

Corollary 4.14 (From Theorem 4.12). In swc, $\sim^S = \sim^{SYM}$.

Symbolic Semantics for open Petri nets. The symbolic transition system for open
Petri nets is $\eta$ defined in Section 2. The inference system $T_N$ is defined by the following
rule parametric w.r.t. $\lambda \in \Lambda$, $I \in \mathcal{P}(Pl)$ and $i \in I^{\oplus}$.

$$\frac{N, m \xrightarrow{\lambda} N, m'}{N, m \oplus i \xrightarrow{\lambda} N, m' \oplus i}$$

Its intuitive meaning is that for all possible observations $\lambda$ and multisets $i$ on input places,
if a marked net performs a transition with observation $\lambda$, then the addition of $i$ preserves
this transition.

Now, consider derivations between transitions of open nets. It is easy to see that
$N, m \xrightarrow{i_1,\lambda_1} N, m_1 \vdash_{T_N} N, m \xrightarrow{i_2,\lambda_2} N, m_2$ if and only if $\lambda_2 = \lambda_1$ and there exists a multiset $x$
on the input places of $N$ such that $i_2 = i_1 \oplus x$ and $m_2 = m_1 \oplus x$. For all the nets $N_k$ of
Figure O this just means that for all observations $\lambda$ and for all multisets $m, n$, we have that

(Nk,m) — '-^n (Nk,n) \~t^ (Nk,m) 4- ( Nk , nS 1 ) . From this observation, it is easy to see 

that the definition of net-symbolic bisimilarity is an instance of symbolic bisimilarity. 

Proposition 4.15. Let $(N_1, m_1)$ and $(N_2, m_2)$ be two marked nets both with interface $I$.
Thus $(N_1, m_1) \sim^{NS} (N_2, m_2)$ iff $(N_1, m_1) \sim^{SYM}_I (N_2, m_2)$.

Thus, in order to prove that have only to prove that $\eta$ and $T_N$ are sound
and complete w.r.t. and then apply the general Theorem 4.12.

Proposition 4.16. $\eta$ and $T_N$ are sound and complete w.r.t. $\mathcal{N}$.

Corollary 4.17 (From Theorem 4.12). $\sim^N = \sim^{NS}$.

Symbolic Semantics for asynchronous $\pi$. In the case of asynchronous $\pi$-calculus, the
ordinary lts closely corresponds to the SCTS that we are going to introduce. The transitions
labeled with an input $a(b)$ are substantially transitions saying that if the process is inserted
into $- \mid \bar{a}b$, then it can perform a $\tau$. The symbolic transition system $\alpha$ for the asynchronous
$\pi$-calculus is defined by the following rules, where in the premises there are standard transitions
(from Table 1), $i, j \in \omega_0$ represent in the premises the corresponding names in $\mathcal{N}$, while in
the conclusion the numbers in $\omega_0$ and $- \in Out[n, n]$ and $- \mid \bar{i}m \in Out[n, n']$.

$$
\frac{p \xrightarrow{\tau} p'}{p_n \xrightarrow{-,\tau}_{\alpha} p'_n}
\qquad
\frac{p \xrightarrow{\bar{i}j} p'}{p_n \xrightarrow{-,\bar{i}j}_{\alpha} p'_n}
\qquad
\frac{p \xrightarrow{\bar{i}(n+1)} p'}{p_n \xrightarrow{-,\bar{i}()}_{\alpha} p'_{n+1}}
\qquad
\frac{p \xrightarrow{i(m)} p' \quad n' = \max\{m, n\}}{p_n \xrightarrow{- \mid \bar{i}m,\tau}_{\alpha} p'_{n'}}
$$

Note that the only non standard rule is the fourth. If, in the standard transition system
a process can perform an input, in the SCTS the same process can perform a $\tau$, provided
that there is an output process in parallel. Note that the interface of the arriving state
depends on the received name $m$: if it is smaller than $n$, then the arriving interface is still
$n$, otherwise it is extended to $m$ (i.e., $\max fn(p') \leq \max\{m, n\} = n'$).

Part of the SCTS of $\tau.\nu y.\bar{y}a + a(b).\bar{a}b_1$ and $\tau.0_1$ are shown in Figure QJB). There and
in the following we avoid specifying the source and the target of the contexts labelling the
transitions, since these can be inferred by the sorts of starting and arriving states. As well
as the ordinary lts, the symbolic transition system is infinite, because the input can receive
any possible name in $\mathcal{N}$. It is well known that, instead of considering all possible input
names, it is enough to consider only the free names and one fresh name (all the other fresh
names are useless). By slightly modifying the general definition of the context interactive system $\mathcal{A}$,
we could have defined a symbolic context transition system that only receives in input those
names that are strictly needed. We have made a different choice for the following reasons:

(a) the presentation of this modified context interactive system is a bit more contrived;

(b) the actual presentation is mainly aimed at showing how an input transition "can be
matched" by a $\tau$ transition (instead of focusing on finite representation);

(c) there exist several other sources of infiniteness (discussed in Section 9) that cannot be
trivially tackled by our framework.

Let us define an inference system $T_A$ that describes how contexts transform transitions.
Since our contexts are just parallel outputs, all the contexts preserve transitions. This is
expressed by the following rules parametric w.r.t. $n, m \in \omega$, $i, j \in n$, $c \in Out[n, m]$.

$$
(\mathrm{TAU}_c)\ \frac{p_n \xrightarrow{\tau} q_n}{c(p_n) \xrightarrow{\tau} c(q_n)}
\qquad
(\mathrm{OUT}_c)\ \frac{p_n \xrightarrow{\bar{i}j} q_n}{c(p_n) \xrightarrow{\bar{i}j} c(q_n)}
\qquad
(\mathrm{BOUT}_c)\ \frac{p_n \xrightarrow{\bar{i}()} q_{n+1}}{c(p_n) \xrightarrow{\bar{i}()} c^{+1}(q_{n+1})}
$$

Here, $c^{+1} \in Out[n+1, m+1]$ is the same syntactic context as $c$, but with different interfaces.

Derivations amongst transitions of asynchronous $\pi$-processes are quite analogous to
those amongst open Petri nets. Particularly relevant is the following kind of derivation: for
all processes $p_n, q_n$, for all names $i \in n$ and $j \in m$,

$$p_n \xrightarrow{-,\tau}_{\alpha} q_n \;\vdash_{T_A}\; p_n \xrightarrow{- \mid \bar{i}j,\tau} q \mid \bar{i}j_m.$$

Intuitively, this means that in the original lts, the r transitions derive the input transitions. 
Instantiating the general definition of symbolic bisimulation to a and T4, we retrieve the 

definition of asynchronous bisimulation. Indeed transitions of the form p — '-^ a p' (in the 
original lts, these correspond to r and output), can be matched only by transitions with 
the same label, since the context — is not decomposable. 

The transitions p "S a p' (corresponding to the input in the original lts) can be 

matched either by q q', or by q q' . In other words, when p J '> a p', then q can 

answer with q q', since q — ^ a q' \~t a q ^ q 

Proposition 4.18. Let $p, q$ be asynchronous $\pi$-processes, and let $n \geq \max fn(p \cup q)$. Then
$p \sim^a q$ iff $p_n \sim^{SYM}_n q_n$.

Therefore $\sim^1$ is the saturated bisimulation for $\mathcal{A}$, while $\sim^a$ is its symbolic version.
We can employ our general Theorem 4.12 to prove that $\sim^1 = \sim^a$ by showing that the SCTS
$\alpha$ and the inference system $T_A$ are sound and complete w.r.t. $\mathcal{A}$.

Proposition 4.19. $\alpha$ and $T_A$ are sound and complete w.r.t. $\mathcal{A}$.
Corollary 4.20 (By Theorem 4.12). $\sim^1 = \sim^a$ as shown in [1].



5. (Structured) Coalgebras 

In this section we recall the basic notions of the theory of coalgebras and the coalgebraic 
characterization of labeled transition systems and bisimilarity. 

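Definition 5.1 (Coalgebra). Let $B : C \to C$ be an endofunctor on a category $C$. A
$B$-coalgebra is a pair $(X, \alpha)$ where $X$ is an object of $C$ and $\alpha : X \to B(X)$ is an arrow.
A $B$-morphism $f : (X, \alpha) \to (Y, \beta)$ is an arrow $f : X \to Y$ of $C$ such that the following
diagram commutes. $B$-coalgebras and $B$-morphisms form the category $Coalg_B$.

$$
\begin{array}{ccc}
X & \xrightarrow{\;f\;} & Y \\
{\scriptstyle \alpha} \downarrow & & \downarrow {\scriptstyle \beta} \\
B(X) & \xrightarrow{\;B(f)\;} & B(Y)
\end{array}
$$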

For instance, labeled transition systems with labels in $L$ are coalgebras for the functor
$\mathcal{P}(L \times Id) : Set \to Set$, where Set denotes the category of sets and functions. This functor
maps each set $X$ into the set $\mathcal{P}(L \times X)$ (i.e., the powerset of $L \times X$) and each function
$f : X \to Y$ into $\mathcal{P}(L \times f) : \mathcal{P}(L \times X) \to \mathcal{P}(L \times Y)$ that, for all $A \in \mathcal{P}(L \times X)$, is defined
as $\mathcal{P}(L \times f)(A) = \{(l, f(x)) \text{ s.t. } (l, x) \in A\}$. Concretely, a lts is a set of states $X$ together
with a transition function $\alpha : X \to \mathcal{P}(L \times X)$ mapping each state into a set of pairs $(l, x)$
representing transitions with labels $l \in L$ and next state $x \in X$. A $\mathcal{P}(L \times Id)$-morphism
is a "zig-zag" morphism, i.e., a function between the sets of states that both preserves and
reflects the transitions.

We can think of symbolic transition systems as ordinary $\mathcal{P}(L \times Id)$-coalgebras where the
labels in $L$ are pairs $(c, o)$ (for $c$ a context, and $o$ an observation), but this representation is
somewhat inadequate. Figure 6 shows a function between the state spaces of two
$\mathcal{P}(L \times Id)$-coalgebras. This is not a $\mathcal{P}(L \times Id)$-morphism since the transition
$\gamma_1 \xrightarrow{ab,\bullet} ab \triangleright \varepsilon.0$ is not preserved. The same holds for the morphisms in Figure 7: these are
not $\mathcal{P}(L \times Id)$-morphisms since the transitions $l \xrightarrow{\$^3,\alpha} m$ and
$\tau.\nu y.ya + a(b).ab_1 \xrightarrow{-|aa,\tau} aa_1$ are not preserved.

In Section 7 we will show the category of normalized coalgebras where these maps are
morphisms.

Under certain conditions, CoalgB has a final coalgebra (unique up to isomorphism) into 
which every B-coalgebra can be mapped via a unique B-morphism. The final coalgebra 
can be viewed as the universe of all possible B-behaviours: the unique morphism into 
the final coalgebra maps every state of a coalgebra to a canonical representative of its 
behaviour. This provides a general notion of behavioural equivalence (hereafter referred to 
as bisimilarity): two B-coalgebras are B-equivalent iff they are mapped to the same element 
of the final coalgebra. Moreover, the image of a coalgebra through the final morphism is its 
minimal realization w.r.t. bisimilarity. In the finite case, this can be done via a minimization 
algorithm, that for LTSs coincides with 
Figure 6: The dotted arrows represent a map between the state spaces of two transition
systems. It is not a $\mathcal{P}(L \times Id)$-morphism but it is a morphism in the category of
normalized coalgebras.



Figure 7: The dotted arrows represent maps between the state spaces of transition systems.
Both are not $\mathcal{P}(L \times Id)$-morphisms, but they are morphisms in the category of
normalized coalgebras.



Unfortunately, due to cardinality reasons, $\mathcal{P}(L \times Id)$ does not have a final object [40].
One satisfactory solution consists in replacing the powerset functor $\mathcal{P}$ by the countable
powerset functor $\mathcal{P}_c$, which maps a set to the family of its countable subsets. Then,
$\mathcal{P}_c(L \times Id)$-coalgebras are one-to-one with transition systems with countable degree. Unlike the
functor $\mathcal{P}(L \times Id)$, the functor $\mathcal{P}_c(L \times Id)$ admits final coalgebras (Example 6.8 of [40]).

The coalgebraic representation using the functor $\mathcal{P}_c(L \times Id)$ is not completely satisfactory,
because the intrinsic algebraic structure of the states is lost. This calls for the introduction
of structured coalgebras [H], i.e., coalgebras for an endofunctor on a category $\mathbf{Alg}_\Gamma$ of algebras
for a specification $\Gamma$. Since morphisms in a category of structured coalgebras are also
$\Gamma$-homomorphisms, bisimilarity (i.e., the kernel of a final morphism) is a congruence w.r.t. the
operations in $\Gamma$.

Moreover, since we would like the structured coalgebraic model to be compatible with
the unstructured, set-based one, we are interested in functors $B_\Gamma : \mathbf{Alg}_\Gamma \to \mathbf{Alg}_\Gamma$ that are
the lifting of some functor $B : \mathbf{Set} \to \mathbf{Set}$ along the forgetful functor $U_\Gamma : \mathbf{Alg}_\Gamma \to \mathbf{Set}$
(i.e., the following diagram commutes).

$$\begin{array}{ccc}
\mathbf{Alg}_\Gamma & \xrightarrow{B_\Gamma} & \mathbf{Alg}_\Gamma \\
{\scriptstyle U_\Gamma}\downarrow & & \downarrow{\scriptstyle U_\Gamma} \\
\mathbf{Set} & \xrightarrow{\;B\;} & \mathbf{Set}
\end{array}$$



Proposition 5.2 (From [14]). Let $\Gamma$ be an algebraic specification. Let $U_\Gamma : \mathbf{Alg}_\Gamma \to \mathbf{Set}$ be
the forgetful functor. If $B_\Gamma : \mathbf{Alg}_\Gamma \to \mathbf{Alg}_\Gamma$ is a lifting of $\mathcal{P}_c(L \times Id)$ along $U_\Gamma$, then (1)
$\mathbf{Coalg}_{B_\Gamma}$ has a final object, (2) bisimilarity is uniquely induced by $\mathcal{P}_c(L \times Id)$-bisimilarity
and (3) bisimilarity is a congruence.



In [32], bialgebras are used as structures combining algebras and coalgebras. Bialgebras
are richer than structured coalgebras, in the sense that they can be seen both as coalgebras
on algebras and also as algebras on coalgebras. In [14], it is shown that whenever $B_\Gamma$
is a lifting of some $B$, then $B_\Gamma$-coalgebras are also bialgebras. In Section 7.2 we will
introduce normalized coalgebras that are structured coalgebras, but not bialgebras (i.e.,
their endofunctor is not the lifting of some endofunctor on $\mathbf{Set}$). This is our motivation for
using structured coalgebras.



6. Coalgebraic Saturated Semantics 

Recall the definition of context interactive system (Definition 4.1). Here, and in the rest of
the paper, we will always assume to work with a context interactive system $\mathcal{I} = (\mathbf{C}, \mathbb{X}, O, tr)$
where (a) $\|\mathbf{C}\|$ (the set of morphisms of the small category $\mathbf{C}$) is a countable set and (b) the
transition relation $tr$ has countable degree, i.e., the set of transitions outgoing from a state
is countable. These two assumptions also guarantee that the saturated transition system
has countable degree.

In this section we introduce the coalgebraic model for the saturated transition system.
First we model it as a coalgebra over $\mathbf{Set}^{|\mathbf{C}|}$, i.e., the category of $|\mathbf{C}|$-sorted families of sets
and functions. Therefore in this model, all the algebraic structure is missing. Then we lift
it to $\mathbf{Alg}_{\Gamma(\mathbf{C})}$, that is the category of $\Gamma(\mathbf{C})$-algebras and $\Gamma(\mathbf{C})$-homomorphisms. Recall that
when $X$ is a $|\mathbf{C}|$-sorted family of sets, $\int X = \sum_{i \in |\mathbf{C}|} X_i$.

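Definition 6.1. $G : \mathbf{Set}^{|\mathbf{C}|} \to \mathbf{Set}^{|\mathbf{C}|}$ is defined for each $|\mathbf{C}|$-sorted family of sets $X$ and for
each $i \in |\mathbf{C}|$ as $G(X_i) = \mathcal{P}_c\big(\sum_{j \in |\mathbf{C}|} (\mathbf{C}[i,j] \times O \times \int X)\big)$. Analogously for arrows.

A $G$-coalgebra is a $|\mathbf{C}|$-sorted family $\alpha = \{\alpha_i : X_i \to G(X_i) \mid i \in |\mathbf{C}|\}$ of functions
assigning to each $p \in X_i$ a set of transitions $(c, o, q)$ where $c$ is an arrow of $\mathbf{C}$ (context) with
source $i$, $o$ is an observation and $q$ is the arriving state. Note that $q$ can have any possible
sort ($q \in \int X$).

For each $\mathcal{I} = (\mathbf{C}, \mathbb{X}, O, tr)$, we define the $G$-coalgebra $(X, \alpha_{\mathcal{I}})$ corresponding to the
SATTS, where $\forall i \in |\mathbf{C}|$, $\forall p \in X_i$, $(c, o, q) \in \alpha_{\mathcal{I}}(p)$ iff $(c_{\mathbb{X}}(p), o, q) \in tr$.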

Now we want to define an endofunctor $H$ on $\mathbf{Alg}_{\Gamma(\mathbf{C})}$ that is a lifting of $G$ and such
that $(\mathbb{X}, \alpha_{\mathcal{I}})$ is a $H$-coalgebra. In order to do that, we must define how $H$ modifies the
operations of $\Gamma(\mathbf{C})$-algebras. This is described by the following rule.

$$\frac{p \xrightarrow{c_1,o} q \qquad c_1 = d;c_2}{d(p) \xrightarrow{c_2,o} q}$$

Intuitively, this rule states how to compute the saturated transitions of $d(p)$ from the
saturated transitions of $p$. Indeed, if $p \xrightarrow{c_1,o}_S q$, then $d;c_2(p) \xrightarrow{o} q$ and then $d(p) \xrightarrow{c_2,o}_S q$.

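Hereafter, in order to lighten the notation, we will avoid specifying sorts. We will
denote a $\Gamma(\mathbf{C})$-algebra $\mathbb{X}$ as $(X, d^1_{\mathbb{X}}, d^2_{\mathbb{X}}, \dots)$ where $X$ is the $|\mathbf{C}|$-sorted carrier set of $\mathbb{X}$ and
$d^i_{\mathbb{X}}$ is the function corresponding to the operator $d^i \in \|\mathbf{C}\|$.

Definition 6.2. $H : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ maps each $\mathbb{X} = (X, d^1_{\mathbb{X}}, d^2_{\mathbb{X}}, \dots) \in \mathbf{Alg}_{\Gamma(\mathbf{C})}$ into
$(G(X), d^1_{H(\mathbb{X})}, d^2_{H(\mathbb{X})}, \dots)$ where $\forall d \in \|\mathbf{C}\|$, $\forall A \in G(X)$,
$d_{H(\mathbb{X})} A = \{(c_2, l, x) \mid (c_1, l, x) \in A \text{ and } c_1 = d;c_2\}$. For arrows, it is defined as $G$.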

Intuitively, $H : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ can be thought of as an extension of the functor
$G : \mathbf{Set}^{|\mathbf{C}|} \to \mathbf{Set}^{|\mathbf{C}|}$ to the category $\mathbf{Alg}_{\Gamma(\mathbf{C})}$. Each algebra $\mathbb{X}$ with ($|\mathbf{C}|$-sorted) carrier
set $X$ is mapped to an algebra having as ($|\mathbf{C}|$-sorted) carrier set $G(X)$. The elements
of $G(X)$ with sort $i$ are sets of triples $(c_1, o, x)$ (representing sets of transitions) where
$c_1 : i \to j$ is an arrow in $\mathbf{C}$. For each arrow $d : i \to k$, there is an operator
$d_{H(\mathbb{X})} : G(X_i) \to G(X_k)$ in $H(\mathbb{X})$ that maps each set $A$ of triples in $G(X_i)$ into the set of triples
$\{(c_2, l, x) \mid (c_1, l, x) \in A \text{ and } c_1 = d;c_2\}$ (note that the arrows $c_2$ have source $k$).

It is worth noting that, by definition, $H$ is a lifting of $G$. Thus, by Proposition 5.2,
it follows that $\mathbf{Coalg}_H$ has a final object and that bisimilarity is a congruence.

In [42], it is shown that every process algebra whose operational semantics is given by
GSOS rules defines a bialgebra. In that approach the carrier of the bialgebra is an initial
algebra $T_\Sigma$ for a given algebraic signature $\Sigma$, and the GSOS rules specify how an endofunctor
$B_\Sigma$ behaves with respect to the operations of the signature. Since there exists only one
arrow $!_\Sigma : T_\Sigma \to B_\Sigma(T_\Sigma)$, to give SOS rules is enough for defining the bialgebra (i.e.,
$(T_\Sigma, !_\Sigma)$) and then for assuring compositionality of bisimilarity. Our construction slightly
differs from this. Indeed, the carrier of our coalgebra is $\mathbb{X}$, that is not the initial algebra of
$\mathbf{Alg}_{\Gamma(\mathbf{C})}$. Then there might exist several structured coalgebras with carrier $\mathbb{X}$, or none. In
the following we prove that $\alpha_{\mathcal{I}} : \mathbb{X} \to H(\mathbb{X})$ is a $\Gamma(\mathbf{C})$-homomorphism.

Theorem 6.3. $(\mathbb{X}, \alpha_{\mathcal{I}})$ is a $H$-coalgebra.

Now, since a final coalgebra $F_H$ exists in $\mathbf{Coalg}_H$ and since $(\mathbb{X}, \alpha_{\mathcal{I}})$ is a $H$-coalgebra,
there exists a final morphism from $(\mathbb{X}, \alpha_{\mathcal{I}})$. The kernel of this coincides with $\sim^S$ because
(a) $H$-bisimilarity coincides with $G$-bisimilarity (by Proposition 5.2(2)) and (b) bisimilarity
of $G$-coalgebras for the saturated transition system coincides with saturated bisimilarity.

By [13], $(\mathbb{X}, \alpha_{\mathcal{I}})$ is also a bialgebra (since $H$ is a lifting). In the next section we will
introduce coalgebraic models for symbolic semantics that are structured coalgebras but not
bialgebras.

Proposition 5.2 holds also for many-sorted algebras and many-sorted sets [15].
7. Coalgebraic Symbolic Semantics

In Section 6 we have characterized saturated bisimilarity as the equivalence induced by the
final morphism from $(\mathbb{X}, \alpha_{\mathcal{I}})$ (i.e., the $H$-coalgebra corresponding to SATTS) to $F_H$. This
is theoretically interesting, but pragmatically useless. Indeed SATTS is usually infinitely
branching (or in any case very inefficient), and so is the minimal model. In this section
we use symbolic bisimilarity in order to give an efficient and coalgebraic characterization
of $\sim^S$. We provide a notion of redundant transitions and we introduce normalized
coalgebras as coalgebras without redundant transitions. The category of normalized coalgebras
($\mathbf{Coalg}_{N_T}$) is isomorphic to the category of saturated coalgebras ($\mathbf{Coalg}_{S_T}$) that is
(isomorphic to) a full subcategory of $\mathbf{Coalg}_H$ that contains only those coalgebras "satisfying"
an inference system $T$. From the isomorphism it follows that $\sim^S$ coincides with the kernel
of the final morphism in $\mathbf{Coalg}_{N_T}$. This provides a really useful characterization of $\sim^S$:
every equivalence class has a canonical model that is smaller than that in $\mathbf{Coalg}_H$ because
normalized coalgebras have no redundant transitions. Moreover, minimizing in $\mathbf{Coalg}_{N_T}$
is usually feasible since it abstracts away from redundant transitions.

7.1. Saturated Coalgebras. Hereafter we refer to a context interactive system
$\mathcal{I} = (\mathbf{C}, \mathbb{X}, O, tr)$ and to an inference system $T$. First, we extend $\vdash_T$ (Definition 4.8) with the
operators of $\Gamma(\mathbf{C})$-algebras.

Definition 7.1 (Extended Derivation). Let X be a r(C)-algebra. A transition p gi 
derives a transition dx(p) <?2 in X through T (written [c\,o\,qi) r^ x (£2,02,02)) iff 

there exist e, e' € ||C|| such that c±; e = d; C2 and e °* > e' € <5(T) and e^(gi) = <?2- 

Intuitively, x allows to derive from the set of transitions of a state p some transitions 

of dx(p)- Consider the symbolic transition 71 a \> ab.O in Figured] (C). The derivation 
(a, »,a l> ab.O) l~y w w (e, »,a > ab.O) hj, wff (b,»,abb > ab.O) means that aw (71) = a > 

a. ab.O ^4 a [> ab.O and a&w(7i) = abt> a. ab.O ^4 abb t> ab.O. Note that both the transitions 
are in the saturated transition system (by soundness of $\omega$ and $T_{\mathcal{W}}$). The former is also in
the symbolic transition system $\omega$, while the latter is not.

cg3 a 

For open nets, take the symbolic transition / — ^ v m of (N4J) in Figure The 

derivation ($ 3 ,a,m) ^fy^ ($,a,m) \~Tj^,n (§> a , m § 2 ) means that /$ 2 A m and Z$ 4 — > mar. 
Note that both the transitions are in the saturated transition system (by soundness of $\eta$
and $T_{\mathcal{N}}$). The former is also in the symbolic transition system $\eta$, while the latter is not.

Analogously for T.vy.ya + a{b).ab\ — — '-^ a aa. The derivation (— |aa,r, aai) l~ r ' a ^ 

(— ,r,aai) \-Z A (— \ab, r, aa|a"02) means that r.vy/ya + a{b).ab\aa\ — I aa\ and r.vy.ya + 

a{b).ab\aa\ — — 4 aa|a&2- Note that both the transitions are in the saturated transition 
system (by soundness of $\alpha$ and $T_{\mathcal{A}}$). The former is also in the symbolic transition system
$\alpha$, while the latter is not.

Definition 7.2 (Sound Inference System). An inference system $T$ is sound w.r.t. a
$H$-coalgebra $(\mathbb{X}, \alpha)$ (or vice versa, $(\mathbb{X}, \alpha)$ satisfies $T$) provided that whenever $(c, o, q) \in \alpha(p)$
and $(c, o, q) \vdash^{d}_{T,\mathbb{X}} (c', o', q')$, then $(c', o', q') \in \alpha(d_{\mathbb{X}}(p))$.

For example, $(\mathbb{W}, \alpha_{\mathcal{W}})$ (i.e., the $H$-coalgebra corresponding to the SATTS of swc) satisfies
$T_{\mathcal{W}}$, while the coalgebra corresponding to the symbolic transition system $\omega$ does not.
Analogously for the coalgebra $(\mathbb{N}, \alpha_{\mathcal{N}})$ of open nets and the coalgebra $(\mathbb{A}, \alpha_{\mathcal{A}})$ of asynchronous
$\pi$-calculus. Hereafter we use $\vdash_{T,\mathbb{X}}$ to mean $\vdash^{id}_{T,\mathbb{X}}$.

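Definition 7.3 (Saturated Set). Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra. A set $A \in G(X)$ is saturated in
$T$ and $\mathbb{X}$ if it is closed w.r.t. $\vdash_{T,\mathbb{X}}$. The set $S^{\mathbb{X}}_T(X)$ is the subset of $G(X)$ containing all and
only the saturated sets in $T$ and $\mathbb{X}$.

Definition 7.4. $S_T : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ maps each $\mathbb{X} = (X, d^1_{\mathbb{X}}, d^2_{\mathbb{X}}, \dots) \in \mathbf{Alg}_{\Gamma(\mathbf{C})}$
into $S_T(\mathbb{X}) = (S^{\mathbb{X}}_T(X), d^1_{S_T(\mathbb{X})}, d^2_{S_T(\mathbb{X})}, \dots)$ where $\forall d \in \|\mathbf{C}\|$, $\forall A \in G(X)$,
$d_{S_T(\mathbb{X})} A = \{(c_2, o_2, x_2) \text{ s.t. } (c_1, o_1, x_1) \in A \text{ and } (c_1, o_1, x_1) \vdash^{d}_{T,\mathbb{X}} (c_2, o_2, x_2)\}$.
For arrows, it is defined as $G$.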

There are two differences w.r.t. $H$. First, we require that all the sets of transitions are
saturated. Then the operators are defined by using the relation $\vdash^{d}_{T,\mathbb{X}}$.

Notice that $S_T$ cannot be regarded as a lifting of any endofunctor over $\mathbf{Set}^{|\mathbf{C}|}$. Indeed
the definition of $S^{\mathbb{X}}_T(X)$ depends on the algebraic structure $\mathbb{X}$. For this reason we cannot
use Proposition 5.2.

Now, let $\iota_{\mathbb{X}} : S^{\mathbb{X}}_T(X) \to G(X)$ be the inclusion function. In Appendix D it is proved
that it is also a $\Gamma(\mathbf{C})$-homomorphism $\iota_{\mathbb{X}} : S_T(\mathbb{X}) \to H(\mathbb{X})$ and that it extends to a natural
transformation.

Lemma 7.5. Let $\iota$ be the family of morphisms $\iota = \{\iota_{\mathbb{X}} : S_T(\mathbb{X}) \to H(\mathbb{X}),\ \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$.
Then $\iota : S_T \Rightarrow H$ is a natural transformation.

It is well-known that every natural transformation between endofunctors induces a
functor between the corresponding categories of coalgebras [40]. In our case, $\iota : S_T \Rightarrow H$
induces the functor $I : \mathbf{Coalg}_{S_T} \to \mathbf{Coalg}_H$ that maps each $S_T$-coalgebra $\alpha : \mathbb{X} \to S_T(\mathbb{X})$
into the $H$-coalgebra $\alpha;\iota_{\mathbb{X}} : \mathbb{X} \to H(\mathbb{X})$.

Let $\mathbf{Coalg}_{H_I}$ be the full subcategory of $\mathbf{Coalg}_H$ containing the $H$-coalgebras $\alpha : \mathbb{X} \to H(\mathbb{X})$
that factor through $\iota_{\mathbb{X}}$, i.e., those $\alpha = \alpha';\iota_{\mathbb{X}}$ for some $\Gamma(\mathbf{C})$-homomorphism
$\alpha' : \mathbb{X} \to S_T(\mathbb{X})$. It is trivial to see that this category is isomorphic to $\mathbf{Coalg}_{S_T}$.

In order to prove the existence of a final object in $\mathbf{Coalg}_{S_T}$, we show that $\mathbf{Coalg}_{H_I}$ is
the full subcategory of $\mathbf{Coalg}_H$ containing all and only the coalgebras satisfying $T$. More
precisely, we show that $|\mathbf{Coalg}_{H_I}|$ is a covariety of $\mathbf{Coalg}_H$.

Lemma 7.6. Let $(\mathbb{X}, \alpha)$ be a $H$-coalgebra. Then it is in $|\mathbf{Coalg}_{H_I}|$ iff it satisfies $T$.

Proposition 7.7. $|\mathbf{Coalg}_{H_I}|$ is a covariety of $\mathbf{Coalg}_H$.

From this it follows that we can construct a final object in $\mathbf{Coalg}_{H_I}$ as the biggest
subobject of $F_H$ satisfying $T$. Thus the kernel of final morphisms in $\mathbf{Coalg}_{H_I}$ coincides with
the kernel of final morphisms in $\mathbf{Coalg}_H$. This argument extends to $\mathbf{Coalg}_{S_T}$, since it is
isomorphic to $\mathbf{Coalg}_{H_I}$.

If $T$ is sound w.r.t. $(\mathbb{X}, \alpha_{\mathcal{I}})$, then the latter is in $|\mathbf{Coalg}_{H_I}|$, i.e., $\alpha_{\mathcal{I}} = \alpha'_{\mathcal{I}};\iota_{\mathbb{X}}$. Note that
$(\mathbb{X}, \alpha'_{\mathcal{I}})$ corresponds through the isomorphism to $(\mathbb{X}, \alpha_{\mathcal{I}})$ (namely, $I((\mathbb{X}, \alpha'_{\mathcal{I}})) = (\mathbb{X}, \alpha_{\mathcal{I}})$).
Thus, by assuming $T$ to be sound w.r.t. $(\mathbb{X}, \alpha_{\mathcal{I}})$, we have that the kernel of the final morphism
from $(\mathbb{X}, \alpha'_{\mathcal{I}})$ in $\mathbf{Coalg}_{S_T}$ coincides with $\sim^S$.

It is worth giving an intuition about $F_{S_T}$, the final coalgebra of $\mathbf{Coalg}_{S_T}$. One can
roughly think of $F_H$ (the final coalgebra of $\mathbf{Coalg}_H$) as the standard final coalgebra of
transition systems (with labels in $\|\mathbf{C}\| \times O$), i.e., the coalgebra of all synchronization trees.
The final coalgebra of $\mathbf{Coalg}_{S_T}$ is the biggest subcoalgebra of $F_H$ containing all and only
those synchronization trees that are sound w.r.t. $T$. Note that $F_{S_T}$ is not a "convenient
semantics domain" since all the sets of transitions of a given state are saturated. In the next
subsection, we are going to show the category of normalized coalgebras, where the final
coalgebra contains only a few "essential" symbolic transitions.

7.2. Normalized Coalgebras. In this subsection we introduce normalized coalgebras,
in order to characterize $\sim^S$ without considering the whole SATTS and by relying on the
derivation relation $\vdash_{T,\mathbb{X}}$. The following observation is fundamental to explain our idea.

Lemma 7.8. Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra. For all triples $(c_1, o_1, p_1), (c_2, o_2, p_2) \in H(\mathbb{X})$, if
$(c_1, o_1, p_1) \vdash_{T,\mathbb{X}} (c_2, o_2, p_2)$ then $p_2 = e_{\mathbb{X}}(p_1)$ for some $e \in \|\mathbf{C}\|$. Moreover $\forall q_1 \in \int X$,
$(c_1, o_1, q_1) \vdash_{T,\mathbb{X}} (c_2, o_2, e_{\mathbb{X}}(q_1))$.

Consider a $H$-coalgebra $(\mathbb{X}, \gamma)$ and the equivalence $\sim^\gamma$ induced by the final morphism.
Suppose that $p \xrightarrow{c_1,o_1}_\gamma p_1$ and $p \xrightarrow{c_2,o_2}_\gamma e_{\mathbb{X}}(p_1)$ such that $(c_1, o_1, p_1) \vdash_{T,\mathbb{X}} (c_2, o_2, e_{\mathbb{X}}(p_1))$. If
$(\mathbb{X}, \gamma)$ satisfies $T$ (i.e., it is a $S_T$-coalgebra), we can forget about the latter transition.
Indeed, for all $q \in \int X$, if $q \xrightarrow{c_1,o_1}_\gamma q_1$ then also $q \xrightarrow{c_2,o_2}_\gamma e_{\mathbb{X}}(q_1)$ (since $(\mathbb{X}, \gamma)$ satisfies $T$) and
if $p_1 \sim^\gamma q_1$, then also $e_{\mathbb{X}}(p_1) \sim^\gamma e_{\mathbb{X}}(q_1)$ (since $\sim^\gamma$ is a congruence). Thus, when checking
bisimilarity, we can avoid considering those transitions that are derivable from others. We
call such transitions redundant.

A wrong way to efficiently characterize $\sim^\gamma$ by exploiting $\vdash_{T,\mathbb{X}}$ consists in removing
all the redundant transitions from $(\mathbb{X}, \gamma)$, obtaining a new coalgebra $(\mathbb{X}, \beta)$, and then
computing $\sim^\beta$ (i.e., the ordinary bisimilarity on $(\mathbb{X}, \beta)$). When considering $(\mathbb{X}, \alpha_{\mathcal{I}})$ (i.e., the
$H$-coalgebra corresponding to SATTS), this roughly means to build a symbolic transition
system and then computing the ordinary bisimilarity over this. But, as we have seen in
Section [H the resulting bisimilarity (denoted by $\sim^W$) does not coincide with the original
one. Generally, this happens when

(1) $p \xrightarrow{c_1,o_1}_\beta p_1$ and $p \xrightarrow{c_2,o_2}_\beta p_2$ with $(c_1, o_1, p_1) \vdash_{T,\mathbb{X}} (c_2, o_2, e_{\mathbb{X}}(p_1))$ and

(2) $e_{\mathbb{X}}(p_1) \neq p_2$, but

(3) $e_{\mathbb{X}}(p_1) \sim^\gamma p_2$.

Notice that $p \xrightarrow{c_2,o_2}_\beta p_2$ is not removed, because it is not considered redundant since $e_{\mathbb{X}}(p_1)$
is different from $p_2$ (even if semantically equivalent). A transition as the latter is called
semantically redundant and it causes the mismatch between $\sim^\beta$ and $\sim^\gamma$. Indeed, take a
process $q$ that only performs $q \xrightarrow{c_1,o_1}_\beta q_1$ with $p_1 \sim^\gamma q_1$. Clearly $p \not\sim^\beta q$, but $p \sim^\gamma q$.
Indeed $(c_1, o_1, q_1) \vdash_{T,\mathbb{X}} (c_2, o_2, e_{\mathbb{X}}(q_1))$ and thus $q \xrightarrow{c_2,o_2}_\gamma e_{\mathbb{X}}(q_1)$ (since $(\mathbb{X}, \gamma)$ satisfies $T$) and
$p_2 \sim^\gamma e_{\mathbb{X}}(p_1) \sim^\gamma e_{\mathbb{X}}(q_1)$ (since $\sim^\gamma$ is a congruence).

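As an example consider the symbolic transition system of $\gamma_1$ (Figure H^C)). We have
that (1) $\gamma_1 \xrightarrow{a,\bullet}_\omega a \triangleright ab.0$ and $\gamma_1 \xrightarrow{ab,\bullet}_\omega ab \triangleright \varepsilon.0$ with
$(a, \bullet, a \triangleright ab.0) \vdash_{T_{\mathcal{W}},\mathbb{W}} (ab, \bullet, ab \triangleright ab.0)$;
(2) $ab \triangleright ab.0 \neq ab \triangleright \varepsilon.0$, but (3) $ab \triangleright ab.0 \sim^S ab \triangleright \varepsilon.0$. Thus, the symbolic transition
$\gamma_1 \xrightarrow{ab,\bullet}_\omega ab \triangleright \varepsilon.0$ is semantically redundant and it is the reason why $\gamma_2 = \varepsilon \triangleright a.ab.0$ is
not syntactically bisimilar to $\gamma_1$ (i.e., $\gamma_1 \not\sim^W \gamma_2$) even if they are saturated bisimilar (as
discussed in Section 3).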
As a further example consider {N±,l) (Figure [3]): (1) Z q and Z — ^ m with
(0,a,g) I - j\c,n (S 3 ,a,$N(g)) and (2) = g$ 3 ^ m, but <?$ 3 ~ 5 m. Now consider (Nt,a). 

a 6. Clearly Z 7^ a but Z ~ s ' a (as shown in Section [2]). 

For the asynchronous 7r-calculus consider the symbolic transitions of p\ = T.uy.ya + 

a(b).abi in Figure []JB): (1) pi — $ a vy.ya,\ and pi — — 5 a ooi with (— , r, uy.ya{) \~t a ,a 
{—\aa,T : —\aax{yy7ya\))\ (2) — |aaA(^2/-yoi) = vy.ya\aai ^aa\, but (3) i/y.ya|aai ~ s ' aa\. 

Now the process r.Oi only performs — '-± a 0\. Clearly T.uy.ya + a(b).abi ^ w r.Oi, but they 
are saturated bisimilar (as shown in Section [1]). 

The above observation tells us that we have to remove not only the redundant transitions,
i.e., those derivable from $\vdash_{T,\mathbb{X}}$, but also the semantically redundant ones. But immediately a
problem arises. How can we decide which transitions are semantically redundant, if semantic
redundancy itself depends on bisimilarity?

Our solution is the following: we define a category of coalgebras without redundant
transitions ($\mathbf{Coalg}_{N_T}$) and, as a result, a final coalgebra contains no semantically redundant
transitions.

Definition 7.9 (Normalized Set and Normalization). Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra.

A transition $(c', o', q')$ is equivalent to $(c, o, q)$ in $T, \mathbb{X}$ (written $(c', o', q') \equiv_{T,\mathbb{X}} (c, o, q)$)
iff $(c', o', q') \vdash_{T,\mathbb{X}} (c, o, q)$ and $(c, o, q) \vdash_{T,\mathbb{X}} (c', o', q')$.

A transition $(c', o', q')$ dominates $(c, o, q)$ in $T, \mathbb{X}$ (written $(c', o', q') \prec_{T,\mathbb{X}} (c, o, q)$) iff
$(c', o', q') \vdash_{T,\mathbb{X}} (c, o, q)$ and $(c, o, q) \nvdash_{T,\mathbb{X}} (c', o', q')$.

Let $A \in G(X)$. A transition $(c, o, q) \in A$ is redundant in $A$ w.r.t. $T, \mathbb{X}$ if $\exists (c', o', q') \in A$
such that $(c', o', q') \prec_{T,\mathbb{X}} (c, o, q)$.

The set $A$ is normalized w.r.t. $T, \mathbb{X}$ iff it does not contain redundant transitions and
it is closed by equivalent transitions. The set $N^{\mathbb{X}}_T(X)$ is the subset of $G(X)$ containing all
and only the normalized sets w.r.t. $T, \mathbb{X}$.

The normalization function $\mathrm{norm}_{T,\mathbb{X}} : G(X) \to N^{\mathbb{X}}_T(X)$ maps $A \in G(X)$ into $\{(c', o', q')$
s.t. $\exists (c, o, q) \in A$ s.t. $(c', o', q') \equiv_{T,\mathbb{X}} (c, o, q)$ and $(c, o, q)$ not redundant in $A$ w.r.t. $T, \mathbb{X}\}$.

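Recall $\mathcal{W} = (\mathbf{Wor}, \mathbb{W}, O_{\mathcal{W}}, tr_{\mathcal{W}})$ and $T_{\mathcal{W}}$ (introduced in Section 3). Consider the
coalgebra $(\mathbb{U}, \zeta)$ partially depicted in Figure 8(B). Here we have that
$(a, \bullet, \gamma') \vdash_{T_{\mathcal{W}},\mathbb{U}} (ab, \bullet, b_{\mathbb{U}}(\gamma'))$ but $(ab, \bullet, b_{\mathbb{U}}(\gamma')) \nvdash_{T_{\mathcal{W}},\mathbb{U}} (a, \bullet, \gamma')$. Thus
$(a, \bullet, \gamma') \prec_{T_{\mathcal{W}},\mathbb{U}} (ab, \bullet, b_{\mathbb{U}}(\gamma'))$ and then the set
$\zeta(\gamma)$, i.e., the set of transitions of $\gamma$, is not normalized (w.r.t. $T_{\mathcal{W}}, \mathbb{U}$) since the transition
$(ab, \bullet, b_{\mathbb{U}}(\gamma'))$ is redundant in $\zeta(\gamma)$. By applying $\mathrm{norm}_{T_{\mathcal{W}},\mathbb{U}}$ to $\zeta(\gamma)$, we get the normalized
set of transitions $\{(a, \bullet, \gamma')\}$ (Figure 8(C)). It is worth noting that in swc, two transitions
are equivalent iff they are the same transition.

Now consider $\mathcal{N} = (\mathbf{Tok}, \mathbb{N}, \Lambda, tr_{\mathcal{N}})$ (introduced in Section 4) and the coalgebra
$(\mathbb{Y}, \gamma)$ partially depicted in Figure 9(A). Here we have that $(\emptyset, \alpha, v) \vdash_{T_{\mathcal{N}},\mathbb{Y}} (\$^3, \alpha, \$^3_{\mathbb{Y}}(v))$ but
$(\$^3, \alpha, \$^3_{\mathbb{Y}}(v)) \nvdash_{T_{\mathcal{N}},\mathbb{Y}} (\emptyset, \alpha, v)$. Thus $(\emptyset, \alpha, v) \prec_{T_{\mathcal{N}},\mathbb{Y}} (\$^3, \alpha, \$^3_{\mathbb{Y}}(v))$ and then the set $\gamma(u)$, i.e.,
the set of transitions of $u$, is not normalized (w.r.t. $T_{\mathcal{N}}, \mathbb{Y}$) since the transition $(\$^3, \alpha, \$^3_{\mathbb{Y}}(v))$
is redundant in $\gamma(u)$. By applying $\mathrm{norm}_{T_{\mathcal{N}},\mathbb{Y}}$ to $\gamma(u)$, we get the normalized set of transitions
$\{(\emptyset, \alpha, v)\}$ (Figure 9(B)). Also in open Petri nets, two transitions are equivalent iff they are
the same transition.

Finally consider $\mathcal{A} = (\mathbf{Out}, \mathbb{A}, O_{\mathcal{A}}, tr_{\mathcal{A}})$, $T_{\mathcal{A}}$ (introduced in Section 4) and the coalgebra
$(\mathbb{Z}, \delta)$ partially depicted in Figure 9(C). We have that $(-, \tau, q_1) \vdash_{T_{\mathcal{A}},\mathbb{Z}} (-|aa, \tau, -|aa_{\mathbb{Z}}(q_1))$
but $(-|aa, \tau, -|aa_{\mathbb{Z}}(q_1)) \nvdash_{T_{\mathcal{A}},\mathbb{Z}} (-, \tau, q_1)$. The same holds for $(-|ab, \tau, -|ab_{\mathbb{Z}}(q_1))$. Thus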
Figure 8: (A) Part of the normalized coalgebra $(\mathbb{W}, \alpha_{\mathcal{W}}; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{W}})$. (B) Part of a not
normalized coalgebra $(\mathbb{U}, \zeta)$. (C) Part of a normalized coalgebra $(\mathbb{U}, \zeta; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{U}})$.
The dotted arrows represent a $N_{T_{\mathcal{W}}}$-morphism from $(\mathbb{W}, \alpha_{\mathcal{W}}; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{W}})$ to
$(\mathbb{U}, \zeta; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{U}})$.

Figure 9: (A) Part of a not normalized coalgebra $(\mathbb{Y}, \gamma)$. (B) Part of a normalized coalgebra
$(\mathbb{Y}, \gamma; \mathrm{norm}_{T_{\mathcal{N}},\mathbb{Y}})$. (C) Part of a not normalized coalgebra $(\mathbb{Z}, \delta)$. (D) Part of a
normalized coalgebra $(\mathbb{Z}, \delta; \mathrm{norm}_{T_{\mathcal{A}},\mathbb{Z}})$.



the set $\delta(p_1)$, i.e., the set of transitions of $p_1$, is not normalized (w.r.t. $T_{\mathcal{A}}, \mathbb{Z}$) since the
transitions $(-|aa, \tau, -|aa_{\mathbb{Z}}(q_1))$ and $(-|ab, \tau, -|ab_{\mathbb{Z}}(q_1))$ are redundant in $\delta(p_1)$ (they are
dominated by $(-, \tau, q_1)$). By applying $\mathrm{norm}_{T_{\mathcal{A}},\mathbb{Z}}$ to $\delta(p_1)$, we obtain the normalized set of
transitions $\{(-, \tau, q_1)\}$ (in Figure 9(D)). Also in the asynchronous $\pi$-calculus, two transitions
are equivalent iff they are the same transition.

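Definition 7.10. $N_T : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ maps each $\mathbb{X} = (X, d^1_{\mathbb{X}}, \dots) \in \mathbf{Alg}_{\Gamma(\mathbf{C})}$ into
$N_T(\mathbb{X}) = (N^{\mathbb{X}}_T(X), d^1_{S_T(\mathbb{X})}; \mathrm{norm}_{T,\mathbb{X}}, d^2_{S_T(\mathbb{X})}; \mathrm{norm}_{T,\mathbb{X}}, \dots)$. For all $h : \mathbb{X} \to \mathbb{Y}$, let
$H'(h) : N_T(\mathbb{X}) \to H(\mathbb{Y})$ be the restriction of $H(h)$ to $N_T(\mathbb{X})$. Then, $N_T(h) : N_T(\mathbb{X}) \to N_T(\mathbb{Y})$ is
defined as $H'(h); \mathrm{norm}_{T,\mathbb{Y}}$.

Hereafter we will sometimes write $H(h)$ to mean its restriction $H'(h)$.

The coalgebra $(\mathbb{U}, \zeta)$ (partially depicted in Figure 8) and $(\mathbb{Y}, \gamma)$, $(\mathbb{Z}, \delta)$ (in Figure
9(A)(C)) are not normalized. In order to get a normalized coalgebra for our running examples,
we can normalize their saturated coalgebras $(\mathbb{W}, \alpha_{\mathcal{W}})$, $(\mathbb{N}, \alpha_{\mathcal{N}})$ and $(\mathbb{A}, \alpha_{\mathcal{A}})$ obtaining,
respectively, $(\mathbb{W}, \alpha_{\mathcal{W}}; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{W}})$, $(\mathbb{N}, \alpha_{\mathcal{N}}; \mathrm{norm}_{T_{\mathcal{N}},\mathbb{N}})$ and $(\mathbb{A}, \alpha_{\mathcal{A}}; \mathrm{norm}_{T_{\mathcal{A}},\mathbb{A}})$. For $\gamma_1$ and
$\gamma_2$ in Figure Hl^C), for the nets in Figure 3 and for the process $\tau.\nu y.ya + a(b).ab_1$, this
coincides with their SCTS. Section 8 discusses the exact relationship between a SCTS and the
transition system that is obtained by normalizing $\alpha_{\mathcal{I}}$.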

The most important idea behind normalized coalgebras is in the definition of $N_T(h)$: we
first apply $H(h)$ and then the normalization $\mathrm{norm}_{T,\mathbb{Y}}$. Thus $N_T$-morphisms must preserve
not all the transitions of the source coalgebras, but only those that are not redundant when
mapped into the target.

For instance, consider the function $h$ from $(\mathbb{W}, \alpha_{\mathcal{W}}; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{W}})$ to $(\mathbb{U}, \zeta; \mathrm{norm}_{T_{\mathcal{W}},\mathbb{U}})$ that
is partially depicted in Figure El Note that the transition $\gamma_1 \xrightarrow{ab,\bullet} ab \triangleright \varepsilon.0$ is not preserved,
but $h$ is however an $N_T$-morphism because the transition $(ab, \bullet, b_{\mathbb{U}}(\gamma'))$ is removed by
$\mathrm{norm}_{T_{\mathcal{W}},\mathbb{U}}$. Thus, $h$ forgets about the transition $\gamma_1 \xrightarrow{ab,\bullet} ab \triangleright \varepsilon.0$ that is indeed semantically
redundant.

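For the asynchronous $\pi$, consider the coalgebra $(\mathbb{N}, \alpha_{\mathcal{N}}; \mathrm{norm}_{T_{\mathcal{N}},\mathbb{N}})$. For the state $l$,
it coincides with the SCTS $\eta$ (Figure E^C)). Consider $(\mathbb{Y}, \gamma; \mathrm{norm}_{T_{\mathcal{N}},\mathbb{Y}})$ (partially
represented in Figure 9(B)) and the $\Gamma(\mathbf{Tok})$-homomorphism $h : \mathbb{N} \to \mathbb{Y}$ that maps $l, m, n, o$
into $u, \$^3_{\mathbb{Y}}(v), x, w$ (respectively) and $p, q$ into $v$. The morphism is shown in Figure 7. Note
that the transition $l \xrightarrow{\$^3,\alpha}_\eta m$ is not preserved (i.e., $u \not\xrightarrow{\$^3,\alpha}_\gamma h(m)$), but $h$ is however a
$N_T$-morphism, because the transition $(\$^3, \alpha, h(m)) \in H(h)(\eta(l))$ is removed by $\mathrm{norm}_{T_{\mathcal{N}},\mathbb{Y}}$.
Indeed $h(m) = \$^3_{\mathbb{Y}}(v)$ and $(\emptyset, \alpha, v) \vdash_{T_{\mathcal{N}},\mathbb{Y}} (\$^3, \alpha, \$^3_{\mathbb{Y}}(v))$. Thus, we forget about $l \xrightarrow{\$^3,\alpha}_\eta m$
that is, indeed, semantically redundant.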

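As a further example, consider the coalgebra $(\mathbb{A}, \alpha_{\mathcal{A}}; \mathrm{norm}_{T_{\mathcal{A}},\mathbb{A}})$. For the state
$\tau.\nu y.ya + a(b).ab_1$, it coincides with the SCTS $\alpha$ (in Figure [D^B)). Consider $(\mathbb{Z}, \delta; \mathrm{norm}_{T_{\mathcal{A}},\mathbb{Z}})$
(partially represented in Figure 9(D)) and the $\Gamma(\mathbf{Out})$-homomorphism $h : \mathbb{A} \to \mathbb{Z}$ shown in
Figure 7. Note that for all $i \in \mathcal{N}$ the transitions $\tau.\nu y.ya + a(b).ab_1 \xrightarrow{-|ai,\tau}_\alpha ai_1$ are not
preserved (i.e., $p_1 \not\xrightarrow{-|ai,\tau}_\delta h(ai_1)$), but $h$ is however a $N_T$-morphism, because the
transitions $(-|ai, \tau, h(ai_1)) \in H(g)(\alpha(\tau.\nu y.ya + a(b).ab_1))$ are removed by $\mathrm{norm}_{T_{\mathcal{A}},\mathbb{Z}}$. Indeed
$h(ai_1) = -|ai_{\mathbb{Z}}(q_1)$ and $(-, \tau, q_1) \vdash_{T_{\mathcal{A}},\mathbb{Z}} (-|ai, \tau, -|ai_{\mathbb{Z}}(q_1))$. Thus, we forget about all the
transitions $\xrightarrow{-|ai,\tau}_\alpha ai_1$ that are, indeed, semantically redundant.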

7.3. Isomorphism Theorem. Now we prove that CoalgN T is isomorphic to Coalgs T . 

Definition 7.11 (Saturation). Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra. The saturation function
$\mathrm{sat}_{T,\mathbb{X}} : G(X) \to S^{\mathbb{X}}_T(X)$ maps all sets of transitions $A \in G(X)$ into the set
$\{(c', o', x') \text{ s.t. } (c, o, x) \in A \text{ and } (c, o, x) \vdash_{T,\mathbb{X}} (c', o', x')\}$.

Saturation is intuitively the opposite of normalization. Indeed saturation adds to a set 
all the redundant transitions, while normalization junks all of them. Thus, if we take a 
saturated set of transitions, we first normalize it and then we saturate it, we obtain the 
original set. Analogously for a normalized set. 
However, in order to get such correspondence, we must add a constraint to our theory.
Indeed, according to the actual definitions, there could exist a $S_T$-coalgebra $(\mathbb{X}, \gamma)$ and an
infinite descending chain like: $\cdots \prec_{T,\mathbb{X}} p \xrightarrow{c_2,o_2}_\gamma p_2 \prec_{T,\mathbb{X}} p \xrightarrow{c_1,o_1}_\gamma p_1$. In this chain, all the
transitions are redundant and thus if we normalize it, we obtain an empty set of transitions.

Definition 7.12 (Normalizable System). A context interactive system $\mathcal{I} = (\mathbf{C}, \mathbb{X}, O, tr)$
is normalizable w.r.t. $T$ iff $\forall \mathbb{X} \in \mathbf{Alg}_{\Gamma(\mathbf{C})}$, $\prec_{T,\mathbb{X}}$ is well founded, i.e., there are no infinite
descending chains of $\prec_{T,\mathbb{X}}$.

In Appendix A we show that the context interactive systems for open nets and
asynchronous $\pi$ are normalizable w.r.t. their inference systems.

Lemma 7.13. Let $\mathcal{I}$ be a normalizable system w.r.t. $T$. Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra and
$A \in G(X)$. Then $\forall (d, o, x) \in A$, either $(d, o, x) \in \mathrm{norm}_{T,\mathbb{X}}(A)$ or $\exists (d', o', x') \in \mathrm{norm}_{T,\mathbb{X}}(A)$
such that $(d', o', x') \prec_{T,\mathbb{X}} (d, o, x)$.

The above lemma guarantees that normalizing a set of transitions produces a new set 
containing all the transitions that are needed to retrieve the original one. Hereafter, we 
always refer to normalizable systems. 

Proposition 7.14. Let $\mathrm{norm}_T$, respectively $\mathrm{sat}_T$, be the families of morphisms
$\{\mathrm{norm}_{T,\mathbb{X}} : S_T(\mathbb{X}) \to N_T(\mathbb{X}),\ \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$ and $\{\mathrm{sat}_{T,\mathbb{X}} : N_T(\mathbb{X}) \to S_T(\mathbb{X}),\ \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$.
Then $\mathrm{norm}_T : S_T \Rightarrow N_T$ and $\mathrm{sat}_T : N_T \Rightarrow S_T$ are natural transformations. More precisely,
they are natural isomorphisms, one the inverse of the other.

As for the case of the natural transformation $\iota$, we use the fact that any natural
transformation between endofunctors induces a functor between the corresponding
categories of coalgebras [40]. In the present case, $\mathrm{norm}_T : S_T \Rightarrow N_T$ induces the functor
$\mathrm{NORM}_T : \mathbf{Coalg}_{S_T} \to \mathbf{Coalg}_{N_T}$ that maps every coalgebra $(\mathbb{X}, \alpha)$ into $(\mathbb{X}, \alpha; \mathrm{norm}_{T,\mathbb{X}})$
and every cohomomorphism $h$ into itself. Analogously $\mathrm{sat}_T : N_T \Rightarrow S_T$ induces
$\mathrm{SAT}_T : \mathbf{Coalg}_{N_T} \to \mathbf{Coalg}_{S_T}$. These two functors are one the inverse of the other.

Theorem 7.15. $\mathbf{Coalg}_{S_T}$ and $\mathbf{Coalg}_{N_T}$ are isomorphic.

Thus $\mathbf{Coalg}_{N_T}$ has a final coalgebra $F_{N_T}$ and the final morphism from $(\mathbb{X}, \alpha_{\mathcal{I}}; \mathrm{norm}_{T,\mathbb{X}})$
(that is $\mathrm{NORM}_T(\mathbb{X}, \alpha_{\mathcal{I}})$) still characterizes $\sim^S$. This is theoretically very interesting, since
the minimal canonical representatives of $\sim^S$ in $\mathbf{Coalg}_{N_T}$ do not contain any (semantically)
redundant transitions and thus they are much smaller than the (possibly infinite) minimal
representatives in $\mathbf{Coalg}_{S_T}$. Pragmatically, it allows for an effective procedure for minimizing
that we will discuss in the next section. Notice that minimization is usually unfeasible
in $\mathbf{Coalg}_{S_T}$, since the saturated transition systems are usually infinite.

8. From Normalized Coalgebras to Symbolic Minimization 

In [10], we have introduced a partition refinement algorithm for symbolic bisimilarity. First,
it creates a partition $P_0$ equating all the states (with the same interface) of a symbolic
transition system $\beta$ and then, iteratively, refines this partition by splitting non-equivalent
states. The algorithm terminates whenever two subsequent partitions are equivalent. It
computes the partition $P_{n+1}$ as follows: $p$ and $q$ are equivalent in $P_{n+1}$ iff whenever $p \xrightarrow{c,o}_\beta p_1$
is not-redundant in $P_n$, then $q \xrightarrow{c,o}_\beta q_1$ is not-redundant in $P_n$ and $p_1, q_1$ are equivalent in
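$P_0 = \{\gamma_1, \gamma_2, a \triangleright ab.0, ab \triangleright 0, ab \triangleright \varepsilon.0, ab \triangleright ab.0\}$
$P_1 = \{\gamma_1, \gamma_2\}\{a \triangleright ab.0\}\{ab \triangleright 0\}\{ab \triangleright \varepsilon.0, ab \triangleright ab.0\}$
$P_2 = \{\gamma_1, \gamma_2\}\{a \triangleright ab.0\}\{ab \triangleright 0\}\{ab \triangleright \varepsilon.0, ab \triangleright ab.0\}$

Figure 10: The partitions computed for $\gamma_1 = \varepsilon \triangleright a.ab.0 + ab.\varepsilon.0$ and $\gamma_2 = \varepsilon \triangleright a.ab.0$.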

$P_n$ (and vice versa). By "not-redundant in $P_n$", we mean that no transition $p \xrightarrow{c',o'}_\beta p'_1$ exists
such that $(c', o', p'_1) \vdash_{T,\mathbb{X}} (c, o, p'_2)$ and $p'_2, p_1$ are equivalent in $P_n$.

Figure 10 shows the partitions computed by the algorithm for the symbolic transition system $\omega$ of $\gamma_1 = \varepsilon \rhd a.ab.0 + ab.\varepsilon.0$ and $\gamma_2 = \varepsilon \rhd a.ab.0$. In $P_0$ all the configurations are equivalent since they all have the same interface (more generally in swc, all the configurations have the same interface). Then in $P_1$, $\{ab \rhd \varepsilon.0, ab \rhd ab.0\}$ are distinguished from all the other configurations because they are the only ones that can perform a transition with $\varepsilon$. Analogously, $ab \rhd 0$ is different from all the others, because it is the only one that performs no transition, while $a \rhd ab.0$ is distinguished because it can perform a $b$ transition. Note that $\gamma_1$ and $\gamma_2$ are equivalent in $P_1$, because the transition $\gamma_1 \xrightarrow{ab,\bullet}_{\omega} ab \rhd \varepsilon.0$ is redundant in $P_0$. Indeed $(a, \bullet, a \rhd ab.0) \vdash_{\mathcal{T}_{\mathcal{W}},\mathbb{W}} (ab, \bullet, ab \rhd ab.0)$ and $ab \rhd \varepsilon.0$ is equivalent to $ab \rhd ab.0$ in $P_0$. The same holds for $P_2$.

Figure 11 shows the partitions computed by the algorithm for the SCTS $\eta$ of the marked nets $\langle N_1, a \rangle$ and $\langle N_4, l \rangle$ of Figure 3. Note that $a$ and $l$ are equivalent in the partition $P_1$, because the transition $l \xrightarrow{\$^3,\alpha}_{\eta} m$ is redundant in $P_0$. Indeed, $l \xrightarrow{\emptyset,\alpha}_{\eta} q$, $(\emptyset, \alpha, q) \vdash_{\mathcal{T}_{\mathcal{N}},\mathbb{N}} (\$^3, \alpha, q\$^3)$ and $m$ is equivalent to $q\$^3$ in $P_0$. Analogously for the other $P_i$.

Figure 12 shows the partitions computed by the algorithm for the SCTS $\alpha$ of the asynchronous processes $\tau.\nu y.\bar{y}a + a(b).\bar{a}b_1$ and $\tau.0_1$. Since the SCTS of the former process is infinite, our algorithm cannot work in reality. We discuss this issue in the next section and, for the time being, we imagine having a procedure that can manipulate this infinite LTS. First of all, note that all the states with different interfaces are different in $P_0$ (while in the case of swc and open nets, all the states have the same interface). Moreover, $\tau.\nu y.\bar{y}a + a(b).\bar{a}b_1$ and $\tau.0_1$ are equivalent in the partition $P_1$, because for all $i \in \omega_0$, the transitions $\tau.\nu y.\bar{y}b + a(b).\bar{a}b_1 \xrightarrow{-|\bar{a}i,\,\tau}_{\alpha} \bar{a}i_i$ are redundant in $P_0$. Indeed, $\tau.\nu y.\bar{y}a + a(b).\bar{a}b_1 \xrightarrow{-,\tau}_{\alpha} \nu y.\bar{y}a_1$, $(-, \tau, \nu y.\bar{y}a_1) \vdash_{\mathcal{T}_{\mathcal{A}},\mathbb{A}} (-|\bar{a}i, \tau, \nu y.\bar{y}a|\bar{a}i_i)$ and $\bar{a}i_i$ is equivalent to $\nu y.\bar{y}a|\bar{a}i_i$ in $P_0$. Analogously, for $P_2$.

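The terminal sequence $1 \leftarrow \mathbf{N}_{\mathcal{T}}(1) \leftarrow \mathbf{N}_{\mathcal{T}}^2(1) \leftarrow \dots$ (where $1$ is a final $\Gamma(\mathbf{C})$-algebra) induces a sequence of approximations of the final morphism from $\langle \mathbb{X}, \alpha_{\mathcal{I}}; norm_{\mathcal{T},\mathbb{X}} \rangle$ to $F_{\mathbf{N}_{\mathcal{T}}}$. The 0-approximation $!_0 : \mathbb{X} \to 1$ is the unique morphism in $\mathbf{Alg}_{\Gamma(\mathbf{C})}$. The $(n+1)$-approximation $!_{n+1} : \mathbb{X} \to \mathbf{N}_{\mathcal{T}}^{n+1}(1)$ is defined as $\alpha_{\mathcal{I}}; norm_{\mathcal{T},\mathbb{X}}; \mathbf{N}_{\mathcal{T}}(!_n)$.

$P_0 = \{a, l, b, p, q, q\$^1, o\$, q\$^2, n, q\$^3, m\}$
$P_1 = \{a, l\}\{b, p, q\}\{q\$^1, o\$, q\$^2, n, q\$^3, m\}$
$P_2 = \{a, l\}\{b, p, q\}\{q\$^1, o\$\}\{q\$^2, n, q\$^3, m\}$
$P_3 = \{a, l\}\{b, p, q\}\{q\$^1, o\$\}\{q\$^2, n\}\{q\$^3, m\}$
$P_4 = \{a, l\}\{b, p, q\}\{q\$^1, o\$\}\{q\$^2, n\}\{q\$^3, m\}$

Figure 11: The partitions computed for the marked nets $\langle N_1, a \rangle$ and $\langle N_4, l \rangle$.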

In this section, we show that the kernel of the $n$-approximation $!_n$ coincides with the partition $P_n$ computed by the algorithm. Formally, $!_n(p) = !_n(q)$ iff $p$ is equivalent to $q$ in $P_n$.

Proposition 8.1. Let $\mathcal{I} = \langle \mathbf{C}, \mathbb{X}, O, tr \rangle$ be a context interactive system. Let $\mathcal{T}$ and $\beta$ be, respectively, an inference system and SCTS that are sound and complete for $\mathcal{I}$. Then $\alpha_{\mathcal{I}}; norm_{\mathcal{T},\mathbb{X}} = \beta; norm_{\mathcal{T},\mathbb{X}}$.

The above proposition states that the transition system resulting from the normalization of the saturated $\alpha_{\mathcal{I}}$ coincides with the one resulting from the normalization of the symbolic $\beta$. Note that usually $\beta \neq \beta; norm_{\mathcal{T},\mathbb{X}}$, because our definition of symbolic transition system does not guarantee that $\beta$ is normalized (according to our definition, also the SATTS is a symbolic transition system). For instance, the symbolic transition system of
71 in Figure H] (C) is normalized, while the one of e D> u.p + v.p in Figured] (B) is not. 

For all the nets in FigureEl the symbolic transition system is normalized w.r.t. N but, for 

the net 52 in Figure it is not. Indeed both d z and d V -A- v zy, and the former dominates 
the latter in N. Also in the case of asynchronous it, the symbolic transition system a is not 

normalized. Consider the process T.cd+a(b).(cd\ab)4. The symbolic transition — ■ — '-+ a cd\ab4 

is dominated by — '-+ a cc^. 

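However, when computing the $(n+1)$-approximation $!_{n+1}$, we can simply use $\beta$ instead of $\beta; norm_{\mathcal{T},\mathbb{X}}$. Indeed,

$$\beta; norm_{\mathcal{T},\mathbb{X}}; \mathbf{N}_{\mathcal{T}}(!_n) = \beta; norm_{\mathcal{T},\mathbb{X}}; \mathbf{H}(!_n); norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)} = \beta; \mathbf{H}(!_n); norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)}$$

where the former equivalence follows from the definition of $\mathbf{N}_{\mathcal{T}}(h)$ (Definition 7.10) and the latter follows from Lemma E.3.2 in the Appendix. Thus, $!_{n+1} = \beta; \mathbf{H}(!_n); norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)}$.

Now we can show by induction that $!_{n+1}(p) = !_{n+1}(q)$ if and only if $p$ and $q$ belong to the same partition in $P_{n+1}$.

The base case trivially holds since $!_0 : \mathbb{X} \to 1$ maps all the states (with the same interface) into the same element and $P_0$ equates all the states (with the same interface).

$P_0 = \{\tau.0_1, \tau.\nu y.\bar{y}a + a(b).\bar{a}b_1, 0_1, \nu y.\bar{y}a_1, \nu y.\bar{y}a|\bar{a}a_1, \bar{a}a_1\}$ $\{0_2, \nu y.\bar{y}a_2, \nu y.\bar{y}a|\bar{a}b_2, \bar{a}b_2\}\{0_3, \nu y.\bar{y}a_3, \nu y.\bar{y}a|\bar{a}c_3, \bar{a}c_3\} \dots$

$P_1 = \{\tau.0_1, \tau.\nu y.\bar{y}a + a(b).\bar{a}b_1\}\{0_1, \nu y.\bar{y}a_1\}\{\nu y.\bar{y}a|\bar{a}a_1, \bar{a}a_1\}$ $\{0_2, \nu y.\bar{y}a_2\}\{\nu y.\bar{y}a|\bar{a}b_2, \bar{a}b_2\}\{0_3, \nu y.\bar{y}a_3\}\{\nu y.\bar{y}a|\bar{a}c_3, \bar{a}c_3\} \dots$

$P_2 = \{\tau.0_1, \tau.\nu y.\bar{y}a + a(b).\bar{a}b_1\}\{0_1, \nu y.\bar{y}a_1\}\{\nu y.\bar{y}a|\bar{a}a_1, \bar{a}a_1\}$ $\{0_2, \nu y.\bar{y}a_2\}\{\nu y.\bar{y}a|\bar{a}b_2, \bar{a}b_2\}\{0_3, \nu y.\bar{y}a_3\}\{\nu y.\bar{y}a|\bar{a}c_3, \bar{a}c_3\} \dots$

Figure 12: The partitions computed for $\tau.\nu y.\bar{y}b + a(b).\bar{a}b$ and $\tau.0$.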

For the inductive case, note that by definition $\beta; \mathbf{H}(!_n)(p)$ is equal to the set of transitions $(c, o, !_n(p_1))$ such that $p \xrightarrow{c,o}_{\beta} p_1$. Then applying $norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)}$ to this set means removing all the transitions $(c, o, !_n(p_1))$ such that there exists a (non equivalent) transition $(c', o', !_n(p_1')) \in \beta; \mathbf{H}(!_n)(p)$ such that $(c', o', !_n(p_1')) \vdash_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)} (c, o, !_n(p_1))$. By Lemma E.2 and Lemma D.3 in the Appendix, the latter becomes: there exists a (non equivalent) transition $(c', o', p_1') \in \beta(p)$ such that $(c', o', p_1') \vdash_{\mathcal{T},\mathbb{X}} (c, o, p_2)$ and $!_n(p_1) = !_n(p_2)$. By inductive hypothesis, $!_n(p_1) = !_n(p_2)$ iff $p_1$ and $p_2$ belong to the same partition in $P_n$. Thus, the normalization $norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)}$ junks away all the redundant transitions in $P_n$. Summarizing, $!_{n+1}(p)$ is equal to the set of transitions $(c, o, !_n(p_1))$ such that $p \xrightarrow{c,o}_{\beta} p_1$ and the latter is not redundant in $P_n$. Therefore, $!_{n+1}(p) = !_{n+1}(q)$ iff whenever $p \xrightarrow{c,o}_{\beta} p_1$ is not-redundant in $P_n$, then $q \xrightarrow{c,o}_{\beta} q_1$ is not-redundant in $P_n$ and $p_1, q_1$ are equivalent in $P_n$.

We end this section by showing "in algorithmic terms" why normalized coalgebras are not bialgebras. By virtue of Proposition 5.2.2, minimization in bialgebras can be performed by first forgetting the algebraic structure, and then minimizing in $\mathbf{Set}$. Minimization in $\mathbf{Coalg}_{\mathbf{N}_{\mathcal{T}}}$, instead, heavily relies on the algebraic structure. Indeed in Figure 10 the algorithm needs $ab \rhd ab.0$ to compute the partition of $\gamma_1$. Note that $\gamma_1$ cannot reach $ab \rhd ab.0$ through the symbolic transitions, but this state is needed for checking if $\gamma_1 \xrightarrow{ab,\bullet}_{\omega} ab \rhd \varepsilon.0$ is redundant. In Figure 11, in order to compute the partitions of $l$, the algorithm needs the state $q\$^3$ that is not reachable from $l$. Also in Figure 12 we need the state $\nu y.\bar{y}a|\bar{a}a_1$ that is not reachable from $\tau.\nu y.\bar{y}a + a(b).\bar{a}b_1$.

Summarizing, given a state $x$ of a normalized coalgebra $\langle \mathbb{X}, \beta; norm_{\mathcal{T},\mathbb{X}} \rangle$, in order to compute the partitions on the states reachable from $x$, the algorithm needs "some" states that are not reachable but that are somehow connected via the algebraic structure $\mathbb{X}$ (such as the states described above). In [10], we have shown that the number of the needed "extra states" is finite in all the interesting cases and it can be computed in the initialization phase of the algorithm. Moreover, it is important to remark here that $\mathbb{X}$ is the only algebraic structure that is involved in the algorithm: as described above, the normalization $norm_{\mathcal{T},\mathbf{N}_{\mathcal{T}}^{n}(1)}$ (at iteration $n+1$) can be computed by just using the algebra $\mathbb{X}$.
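The refinement step and the role of the "extra states" described in this section, run on the Figure 10 system, as an added example (it is not code from the paper or from [10]). The tuple encoding of configurations, all function names, and the derivation rule in `derive` (context extension $(u, \bullet, w \rhd p) \vdash (uv, \bullet, wv \rhd p)$ for a non-empty word $v$, generalized from the one derivation the text quotes) are assumptions of this example.

```python
BULLET = "•"  # the single observation used in the Figure 10 example

# Configurations u ▷ p are encoded as (u, p); "" stands for the empty word ε.
G1 = ("", "a.ab.0 + ab.ε.0")      # γ1
G2 = ("", "a.ab.0")               # γ2
A_AB0 = ("a", "ab.0")
AB_0 = ("ab", "0")
AB_E0 = ("ab", "ε.0")
AB_AB0 = ("ab", "ab.0")           # extra state: unreachable from γ1 and γ2

# Symbolic transitions p --(c, o)--> p1, read off the discussion of Figure 10.
TRANS = {
    G1: {("a", BULLET, A_AB0), ("ab", BULLET, AB_E0)},
    G2: {("a", BULLET, A_AB0)},
    A_AB0: {("b", BULLET, AB_0)},
    AB_0: set(),
    AB_E0: {("", BULLET, AB_0)},
    AB_AB0: {("", BULLET, AB_0)},
}


def derive(transition, c, o):
    """Targets p2 such that `transition` derives (c, o, p2) by a non-identity
    context. Assumed rule: (u, •, w ▷ p) ⊢ (uv, •, wv ▷ p), v non-empty."""
    c1, o1, (w, p) = transition
    if o1 != o or c == c1 or not c.startswith(c1):
        return set()
    v = c[len(c1):]
    return {(w + v, p)}


def redundant(p, t, trans, block):
    """t = (c, o, p1) is redundant in the current partition if another
    transition of p derives (c, o, p2) with p2 in the same block as p1.
    A derived state missing from the state space can never witness this."""
    c, o, p1 = t
    return any(block.get(p2) == block[p1]
               for other in trans[p]
               for p2 in derive(other, c, o))


def refine(partition, trans, interface):
    """One step P_n -> P_{n+1}: group states by interface and by the set of
    their non-redundant transitions, with targets replaced by P_n blocks."""
    block = {s: b for b in partition for s in b}
    groups = {}
    for p, outgoing in trans.items():
        sig = frozenset((c, o, block[p1]) for (c, o, p1) in outgoing
                        if not redundant(p, (c, o, p1), trans, block))
        groups.setdefault((interface(p), sig), set()).add(p)
    return frozenset(frozenset(g) for g in groups.values())


def minimize(trans, interface=lambda s: None):
    """Return [P_0, P_1, ...] up to the first partition that is stable."""
    by_iface = {}
    for s in trans:
        by_iface.setdefault(interface(s), set()).add(s)
    history = [frozenset(frozenset(b) for b in by_iface.values())]
    while True:
        nxt = refine(history[-1], trans, interface)
        if nxt == history[-1]:
            return history
        history.append(nxt)


if __name__ == "__main__":
    for n, part in enumerate(minimize(TRANS)):
        print(f"P{n}:", sorted(sorted(b) for b in part))
```

Removing `AB_AB0` from `TRANS` leaves the redundancy check for $\gamma_1 \xrightarrow{ab,\bullet} ab \rhd \varepsilon.0$ without a witness, so $\gamma_1$ and $\gamma_2$ are split even though the state is unreachable from both.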

9. Conclusions and related works 

The paper introduces two coalgebraic models for context interactive systems [8]. In the first one, the saturated transition system is an ordinary structured coalgebra $\langle \mathbb{X}, \alpha_{\mathcal{I}} \rangle$ and its final morphism induces $\sim^S$. The second model is the normalized coalgebra $\langle \mathbb{X}, \alpha_{\mathcal{I}}; norm_{\mathcal{T},\mathbb{X}} \rangle$ that is obtained by pruning all the redundant transitions from the first one. The equivalence induced by its final morphism is still $\sim^S$, but this characterization is much more convenient. Indeed, in the final normalized coalgebra all the (semantically) redundant transitions are eliminated. Moreover, minimization is usually feasible with normalized coalgebras and coincides with the symbolic minimization algorithm introduced in [10].

As a side result, we have obtained coalgebraic models for both open Petri nets and asynchronous $\pi$-calculus.

Unfortunately, symbolic minimization is unfeasible in the case of asynchronous $\pi$, because the symbolic transition system is infinite. Indeed, in the definition of $\sim^1$ (Definition ll.2p), a process is put in parallel with all possible outputs $\bar{a}b$. Our symbolic transition system eliminates all those outputs whose subjects $a$ are not needed, but yet it considers all the possible objects $b$. We could have defined a different SCTS that considers only those objects that are strictly needed but, anyway, in the asynchronous $\pi$-calculus there are several other sources of infiniteness. Amongst these, one always appears when considering "nominal calculi" where systems are able to generate and communicate names: every time that a system generates a new name and extrudes it, the system goes in a new state that is different from all the previous ones. HD-Automata [33] are peculiar LTSs that allow garbage collection of names and avoid this further source of infiniteness. As future work, we would like to extend our framework to HD-Automata, so that we will be able to handle systems that generate infinitely many names. In particular we conjecture that the resulting minimization algorithm will generalize both [35] and [38] that provide a partition refinement algorithm for asynchronous and open bisimilarity. The reader is referred to [10] for a more detailed comparison with [35] and [38].

Concerning open bisimilarity [41], a coalgebraic model has been proposed in [22]. However, this is the saturated version, i.e., the one that takes into account all the possible substitutions. In [8], we have given a context interactive system for open $\pi$-calculus, and thus our work also provides a coalgebraic model for the "efficient characterization" of open bisimilarity.

Besides open Petri nets, asynchronous and open $\pi$-calculus, context interactive systems also generalize Leifer and Milner's reactive systems [29]. The main novelty of our framework consists in having observations and inference rules. The latter generalize the notion of reactive contexts of [29]. Indeed $c$ is reactive iff the following inference rule holds.

c{p) A c(q) 

Concretely, the main advantage of our framework w.r.t. [29] is that we do not need the existence of RPOs and thus we can avoid those encodings into bigraphs [32] and borrowed contexts [16]. The main disadvantage is that our framework does not provide a constructive definition for the LTS: constructing a sound and complete symbolic transition system is left to the ingenuity of the researcher. We refer the reader to [U Hj for a detailed comparison between context interactive systems and reactive systems.

In [6], the first author together with Gadducci and Monreale has shown a reactive system for mobile ambients [12]. Thus, the present work indirectly provides also a coalgebraic semantics for mobile ambients. A coalgebraic model for this calculus has been previously proposed in [23] but it characterizes action bisimilarity that is strictly included in reduction barbed congruence [30]. Action bisimilarity is defined as the ordinary bisimilarity on the symbolic transition system and thus it is an instance of what we have called syntactic bisimilarity.

Besides their large applicability, normalized coalgebras are interesting for a more theoretical reason: to our knowledge, these are the first examples in the literature of structured coalgebras that are not bialgebras. Indeed, both the definitions of saturated and normalized set of transitions (Definitions 7.3 and 7.9 respectively) strongly rely on the underlying algebraic structures. This is evident in the minimization algorithm in $\mathbf{Coalg}_{\mathbf{N}_{\mathcal{T}}}$ that heavily employs the algebraic structure.

Appendix A. Normalizable Systems

In this appendix we show that the context interactive system $\mathcal{N} = \langle \mathbf{Tok}, \mathbb{N}, \Lambda, tr_{\mathcal{N}} \rangle$ is normalizable w.r.t. $\mathcal{T}_{\mathcal{N}}$ and that $\mathcal{A} = \langle \mathbf{Out}, \mathbb{A}, O_{\mathcal{A}}, tr_{\mathcal{A}} \rangle$ is normalizable w.r.t. $\mathcal{T}_{\mathcal{A}}$ (all these are defined in Section 2]). Then we show an example of a system that is not normalizable.

Proposition A.1. $\mathcal{N} = \langle \mathbf{Tok}, \mathbb{N}, \Lambda, tr_{\mathcal{N}} \rangle$ is normalizable w.r.t. $\mathcal{T}_{\mathcal{N}}$.

Proof. Recall that arrows of $\mathbf{Tok}$ are multisets (over sets of input places) and that $c; d = e$ if and only if $c \oplus d = e$. Then, for all $\Gamma(\mathbf{Tok})$-algebras $\mathbb{Y}$,

$$(c_1, \lambda, x_1) \prec_{\mathcal{T}_{\mathcal{N}},\mathbb{Y}} (c_2, \lambda', x_2)$$

only if the multiset $c_1$ is strictly included in the multiset $c_2$. Since all multisets are finite, the descending chains must also be finite. □

Proposition A.2. $\mathcal{A} = \langle \mathbf{Out}, \mathbb{A}, O_{\mathcal{A}}, tr_{\mathcal{A}} \rangle$ is normalizable w.r.t. $\mathcal{T}_{\mathcal{A}}$.

Proof. Recall that arrows of $\mathbf{Out}$ are contexts representing parallel output processes and that $c; d = e$ if and only if $e$ is the syntactic composition of $c$ with $d$. Then, for all $\Gamma(\mathbf{Out})$-algebras $\mathbb{Y}$,

$$(c_1, o, q_1) \prec_{\mathcal{T}_{\mathcal{A}},\mathbb{Y}} (c_2, o', q_2)$$

only if the context $c_2$ is the parallel composition of $c_1$ with some other outputs. Since all contexts are finite, the descending chains must also be finite. □

Example A.3. As an example of a context interactive system that is not normalizable, consider the category $\mathbf{NAT}_{>}$ defined as follows:

• objects are natural numbers and $\infty$,

• there is an arrow $n \to m$ if $n > m$ or if $n = \infty$.

Since for any two objects $n, m$ there is only one arrow, we call this arrow just $n \to m$. Consider now a context interactive system $\mathcal{NAT}_{>} = \langle \mathbf{NAT}_{>}, \mathbb{X}, O, tr \rangle$ for some $\mathbb{X}, O, tr$. Let $\mathcal{T}$ be the tile system that states that all contexts preserve transitions.

We have that $\mathcal{NAT}_{>}$ is not normalizable with respect to $\mathcal{T}$. Indeed, let $\mathbb{F}$ be the final $\Gamma(\mathbf{NAT}_{>})$-algebra. In this algebra there is only one element $\star$ for each sort (natural number), and an arrow $n \to m$ of $\mathbf{NAT}_{>}$ is interpreted as the function mapping $\star$ of sort $n$ into $\star$ of sort $m$. Since $\infty \to n$ can be decomposed into $\infty \to n+1 \to n$, then

$$(\infty \to n+1, l, \star) \prec_{\mathcal{T},\mathbb{F}} (\infty \to n, l, \star).$$

This trivially leads to an infinite descending chain.

Appendix B. Proofs of Section [4]

Proposition 4.3. $\sim^S$ is the coarsest bisimulation congruence.

Proof. Since $\sim^S$ is a saturated bisimulation, then it is also a congruence: if $p \sim^S q$, then for all contexts $c_{\mathbb{X}}$, it holds that $c_{\mathbb{X}}(p) \sim^S c_{\mathbb{X}}(q)$.

In order to prove that it is the coarsest bisimulation congruence, we prove that any bisimulation congruence $R$ is a saturated bisimulation.

Suppose that $p \, R \, q$. Suppose that $c_{\mathbb{X}}(p) \xrightarrow{o} p'$. Since $R$ is a congruence, then $c_{\mathbb{X}}(p) \, R \, c_{\mathbb{X}}(q)$. Since $R$ is a bisimulation, $c_{\mathbb{X}}(q) \xrightarrow{o} q'$ and $p' \, R \, q'$. Thus $R$ is a saturated bisimulation. □

Proposition 4.4. Let $\langle N_1, m_1 \rangle$ and $\langle N_2, m_2 \rangle$ be two marked nets both with interface $I$. Thus $\langle N_1, m_1 \rangle \sim^N \langle N_2, m_2 \rangle$ iff $\langle N_1, m_1 \rangle \sim^S_I \langle N_2, m_2 \rangle$.

Proof. The definition of $\sim^S$ instantiated to the context interactive system $\mathcal{N}$ requires that $\langle N_1, m_1 \rangle$ and $\langle N_2, m_2 \rangle$ (a) make the same transitions with the rule (tr) and (b) they are still equivalent when adding multisets $i \in I^{\oplus}$. The definition of $\sim^N$ instead requires that the two nets perform the same transitions with both the rule (tr) and the rule (in). But the latter rule just adds multisets $i \in I^{\oplus}$ and thus it is just the same as point (b) above.

□

Proposition 4.5. Let $p, q$ be asynchronous $\pi$-processes, and let $n > \max \mathrm{fn}(p \cup q)$. Then $p \sim^1 q$ iff $p_n \sim^S_n q_n$.

Proof. Let R = {(p, q) \ p n q n n > max fn(p U q)}. In order to prove that p n ~„ q n 
implies p ~ x q, we prove that R is an 1-bisimulation, i.e., an or-bisimulation closed under 

composition with output processes. Suppose that p — > p (the cases of r and output are 
easier). First of all observe that p n ~^ q n implies that Vm > n p m ~^ q m . Now since j 
is fresh, we have that j — 1 > n, and thus Pj—i j—\ Qj-i- By definition of tr^, we have 

that Pj-i -^a Pj an d, since Pj-i Qj-1> it follows that qj-i Qj an( ^ Pj ~f Qj aim 

then, p'Rq'. Again by definition of tr^, we have that q — > q' . This prove that R is an 
or-bisimulation. Now we have to prove that it is closed under composition with output 
processes, but this is immediate since ~ 5 is a congruence w.r.t. composition with output 
processes. 

Let R be the w-sorted relation, such that Vn € u, R n = {(PmQn) \ P ~ X Q, n > 
max fn(p U ?)}. In order to prove that p ~ x q implies p n ~^ q n , we prove that R is a 

saturated bisimulation. Let c S Out [n,m] and suppose that c(p n ) m —>a p' m +i (the case 

of r and output are easier). By definition of tr^, c(p) - + I p'. Now, since p ~ x q, by 
definition of 1-bisimulation, it follows that c(p) ~ x c(q) because contexts c are just parallel 

output processes. Thus c(q) l ^ m+1 } q' anc | p' q' gy definition of tr^, it follows that 
c(q n ) -4a q'm+i and ' by definition of R, that p' m+1 R m+ iq' m+1 . □ 

Theorem 4.12. Let $\mathcal{I}$ be a context interactive system, $\beta$ a context transition system and $\mathcal{T}$ an inference system. If $\beta$ and $\mathcal{T}$ are sound and complete w.r.t. $\mathcal{I}$, then

Proof. Let $R = \{R_i \subseteq X_i \times X_i \mid i \in |\mathbf{C}|\}$ be the $|\mathbf{C}|$-sorted family of relations, such that



R J = {(c(p i ),c(q i )) I cGC[i,j], Pi ~r M qi}. 



SYM 

VPi), ^KliJJ I ^ t v-p, Jj, pi - 

In order to prove that ~ s ' yA/ c~' s we prove that i? is a saturated bisimulation. Suppose 
that cijRjbj thus there exists c G C[i, j] such that c(p,) = aj, c(qi) = bj and pi ~? yM 

Hereafter, in order to make lighter the notation, we avoid to specify the sort of processes 
and contexts. Thus, p, q, a, b stand for, respectively, pi, qi, a,j, bj. 

Suppose that d(a) = d(c(p)) -V p\ then, by definition of satts, p c ^h fS gy 

completeness of /3 and T, we have that p P2 such that p p2 \~t P Pi, i-e., 
3e, ei S ||C|[ such that: 

• e ei € *(T), 

• c 2 ; e = c; d, 

• ei(p 2 ) = Pi- 

Since p r^ SYM q^ q q 3 Q — ^ q2 and p 2 ~ 5 ' yM (72- From the former we have that 
3/, fi € ||C|| such that: 

h 

• c 3 ;/ = c 2 , 

• /lfe) = <72- 

Since <3?(T) is closed by composition, then f; e »- fx; e\ € <&(T). Moreover C3; /; e = 

(a 

c 2 ;e = c; d Thus q —^p 93 hr 9 ei(g 2 ). Since /3 and T are sound, it follows that 

q c ^l. s ei(q 2 ), i.e., d(b) e 1 (q 2 ). Since p 2 ~ SYM g 2) then ei(p 2 ) # e 1 (q 2 ), i.e., pi i? ei(<? 2 ). 

For proving that r^ s Qr^, SYM ; take p ~ s ' g: if p -^r p\ then also p -^5 pi and, since 

p ~ s ' g, g ^4 5 qi with pi ~ s gi. By completeness of f3, we have that q qi \~t q <7i- 

□ 

Proposition 4.13. $\omega$ and $\mathcal{T}_{\mathcal{W}}$ are sound and complete w.r.t. $\mathcal{W}$.

Proof. Proving soundness is quite easy. Just observe that (1) if u > p ^4^, v! > then 
ut) O p A «' o p' and (2) the "monotonicity property" described in Section [3] holds. 

For proving completeness we suppose that u>w(t) ~> 7" (i-e., 7 7") and we proceed 
by induction on the structure of the process of the configuration 7. The inductive case for 
7 = u > p\ + p 2 is trivial. The base case is as follows. 

Take 7 = u\ > u 2 .p (thus ww(t) = i*iu; > U2-p)- Note that 7" must be equal to «iu> Op 
(by the rules defining iryv>). Since the configuration u\w t> U2-p perform a transition then 
U2 is a prefix of (again by the rules defining tryy). There are two possible cases: either 
U2 is a prefix of u\ or not. 

In the former case, by the leftmost rule (defining uj), 7 = ui t> u 2 .p u\ \> p and by 
definition of \~t w , this transition derives 7 ^> ww(«i > p) = u\w \> p = 7". 

If U2 is not a prefix of ui, then there exists u,v E A* such that w = vu and m 2 = ui«. 
By the central rule (defining a;), we have that 7 = u\ t> u\v.p u\v >p and, by definition 
of \~t w , this transition derives 7 ^> uyy(uiv t> p) = u\w \> p = 7". □

Proposition 4.15. Let $\langle N_1, m_1 \rangle$ and $\langle N_2, m_2 \rangle$ be two marked nets both with interface $I$. Thus $\langle N_1, m_1 \rangle \sim^{NS} \langle N_2, m_2 \rangle$ iff $\langle N_1, m_1 \rangle \sim^{SYM}_I \langle N_2, m_2 \rangle$.

Proof. The general condition of symbolic bisimilarity 

• if p ^3 p', then q -^^g q[ and q -^^g q[\~T Q q' and p' R^q' ■ 

for the context interactive system J\f, the SCTS 77 and the inference system T^/, becomes 

• if (Ni,mi) ^r, {N 1 ,m' 1 ), then (iV 2 ,m 2 ) (N 2 ,m' 2 ) and {N 2 ,m 2 ) ij ^ v {N 2 ,m' 2 ) \- TAf 
(iV 2 ,m 2 ) H„ (# 2 ,rog) and (jV x , m' 1 )R I (N 2 , m'{). 

From the latter, we have that Ai = A and there exists k £ I® such that 7 = j O k and 
= m 2 © ^. These are the conditions of net-symbolic bisimilarity. □ 

Proposition 4.16. $\eta$ and $\mathcal{T}_{\mathcal{N}}$ are sound and complete w.r.t. $\mathcal{N}$.

Proof. We have to prove: 

• (completeness) if (N, m) (N, m!) then 

(N, m) (N, mi ) and (N, m) ^ v (N, mi) H TaA (N, m) H (N, mf). 

• (soundness) if (N,m) -^-4^ (N,mi) and (N,m) l -^-4^ (N,mi) \~t^ (N,m) — > (N,mf) 

then (iV,m) ^ s (N,m'). 

Let us prove completeness. If N,m O i — >j\f N,m', then there exists a transition t € T, 
such that A(t) = / and m © 7 = *t © c and m' = i" © c. We can take ci = 777 (777(1 *t) 

and %\ = *t Q (m Pi *t). and apply the only rule of 77, and N, 777 JV, t' © c\. Note that 
i\ C 7, since by definition 74 is the smallest multiset that allow the transition t. Thus let 

x = iQi\. We have N, m l -^ v N, t' © c\ \~t m N, m -^Ttf(n) N, m'. Indeed: 

• i\ © x = i; 

• f © ci © x = 777', because ciffix = 7770( , tn 777)ffix = 777© m tO ('trim) x e *i = 

777071 0X0 *t = 77707 't = C 

For proving soundness observe that if (N,m) i ^-^- T] (N,mi) then (N,mOii) — V (N,mx). 

Moreover, if (N,m) i -^-^ r i (N,mi) hjv (N,m) ^> (N,m'), then Ai = A there exists x £ I® 
such that 7i © x = 7 and mi x = m'. 

Thus, (JV, 777 7i x) -4 (JV, mi © x), that means (/y,777> ^5 (JV,m'>. □ 

Proposition 4.18. Let $p, q$ be asynchronous $\pi$-processes, and let $n > \max \mathrm{fn}(p \cup q)$. Then $p \sim^a q$ iff $p_n \sim^{SYM}_n q_n$.

Proof. Here we prove that if p n q n then p ~ a q (the other implication is analogous) . 

Let R = {p, q \ p n ~n YM q n } be a symmetric relation. We prove that R is an asynchro- 
nous bisimulation. 

Take p n ~^ yM q n and suppose that p ^ p' and j is fresh. First, observe that Vm > 77, 
Pm ~m YM 9m- Then, note that since j is fresh, j — 1 > 77 and thus pj-i <Zi-i- 

By definition of £7^4, Pj_i — ^ Q p^-. Now since Pj_i ^-i 1 Qj-1, Qj-1 must answer with 

a transition <7j__i ^ a q" such that (jj_i </' hj^ (7j_i — q'j and p^ ~J yM <Zj- By 

definition of T4, the only such transition is qj—i -—la Qj- Now, by definition of a, we have
ifj)

that q — > q 1 and, by definition of R, p'Rq'. We can proceed analogously in the case of 
output and r. 

For the input, suppose that p — > p' . Then p n ^ a p' n , where n' = max {j,n}. Now 

since p n ~ syA/ q n , q n must answer with a transition q n ^r a q" such that q n ^ a q" \~t a 

q n ^ a </ and p' n , ~ S J M q' n ,. 

By definition of T4 there are two possibilities: 

-I'J'T -/ — J _/ SYM „l rr^i 



^q, g^, and p^, ~„/ q' n ,. Thus q —4 q' and p'-Rg'- 

• 9n (?" and by using the rule (TAU)_|-, q n ^ a q^ \~t a q n -^> Q q"\ij and p' n , ~f, yM 
{q"\ij) n ' ■ Thus q — > q" and p'Rq"\ij. 

Note that it is correct to write q' n ,, since fn(g') = in(q\ij) C n'. The same holds also for 
(q"\ij) n r - fa(q") = f n (<z) ^ ra and thus fn(g"|r/) C n'. □ 

Proposition 4.19. $\alpha$ and $\mathcal{T}_{\mathcal{A}}$ are sound and complete w.r.t. $\mathcal{A}$.

Proof. We have to prove: 

• (completeness) if p n ^5 q m then p n g^, and p n C -A- a q' m , \~ Ta p n C A S q m . 

• (soundness) if p n q' m , and p n y q g^/ p n -^s 9m then 

Pn qm- 

For soundness just observe that if p ^ a p' then c(p) A p' and that all the rules of T4 
are sound. Let us prove completeness. Suppose that fi = r (the other cases are easier): 

Pn q-m 

implies that c(p n ) m — » g m and c G Out [n,m]. By definition of tr A , it follows 
that c{p) — )■ q. Since c could be only the parallel composition of outputs, by the definition 
of the operational semantics of asynchronous n, it follows that either p — > q' (such that 

q = c (q')) or c ^4 c' (where c = — \ij\d) and p ^ q' (such that g = c'\q'). 

In the former case, by definition of a, we have that p n — '-> a q' n and using the rule (tau) c 
of T4, we have that p n -$ a q' n \~t a Pn c (q'n)m = qm- In the latter case, by definition of 
a, we have that p n ■ "S a q ' , where n' = max{j, n}. Now, take c' G Out[n', m], by the rule 

— I ij t — I ij I 7~ 

(TAU) C / of T A , we have that p n q' n , \~ Ta p n ^ c(q n ,) m = q m . □ 



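Appendix C. Proofs of Section [6]

Theorem 6.3. Let $\mathcal{I} = \langle \mathbf{C}, \mathbb{X}, O, tr \rangle$ be a context interactive system. Then $\langle \mathbb{X}, \alpha_{\mathcal{I}} \rangle$ is a $\mathbf{H}$-coalgebra.

Proof. We have to prove that $\alpha_{\mathcal{I}} : \mathbb{X} \to \mathbf{H}(\mathbb{X})$ is a $\Gamma(\mathbf{C})$-homomorphism, i.e., that $\forall x \in X$ and $\forall d \in \Gamma(\mathbf{C})$, $\alpha_{\mathcal{I}}(d_{\mathbb{X}}(x)) = d_{\mathbf{H}(\mathbb{X})}(\alpha_{\mathcal{I}}(x))$.

Let $(c, l, y) \in \alpha_{\mathcal{I}}(d_{\mathbb{X}}(x))$ be a saturated transition of $d_{\mathbb{X}}(x)$. Then by definition of $\alpha_{\mathcal{I}}$, $(d; c, l, y) \in \alpha_{\mathcal{I}}(x)$. By definition of $d_{\mathbf{H}(\mathbb{X})}$ and by $(d; c, l, y) \in \alpha_{\mathcal{I}}(x)$, it follows that $(c, l, y) \in d_{\mathbf{H}(\mathbb{X})}(\alpha_{\mathcal{I}}(x))$.

Now let $(c, l, y) \in d_{\mathbf{H}(\mathbb{X})}(\alpha_{\mathcal{I}}(x))$. By definition of $d_{\mathbf{H}(\mathbb{X})}$ we have that $(d; c, l, y) \in \alpha_{\mathcal{I}}(x)$ and, analogously to before, $(c, l, y) \in \alpha_{\mathcal{I}}(d_{\mathbb{X}}(x))$. □

Appendix D. Proofs of Section 7.1

Before proving Lemma 7.6 and Proposition 7.7 we prove some important lemmas about the derivation relation $\vdash_{\mathcal{T},\mathbb{X}}$. Moreover, at the end of this appendix we formally show the existence of the final object in $\mathbf{Coalg}_{\mathbf{S}_{\mathcal{T}}}$.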

Lemma D.l (composition of l^x) - 

If(c,l,x) Kf )X {c',l',x') hf. x (c",l",x") then (c,l,x) h^ e x {c",l",x"). 

Proof. From the hypothesis we derives that there exists d' , d" , e' , e" € | [C| [ such that d; d = 
c; d and e; c" = c; e and d' — -y>- d and e — e" such that d^(x) = x' and e x (a; ) = x . 

From all this, we derive that (d;e);c" = c;(d';e') and that d';e' — d";e" and that 
e x(^x( x )) = x " ■ Then the thesis immediately follows. □ 
Lemma D.2 (l~y X is preserved by homomorphisms). 

Let h : X — > Y be a r(C) -homomorphism. If (c,l,x) (c',l',x r ), then (c, H^y 
(c>,l\h(x>)). 

Proof. If (c, Z,x) h^, x (c',l',x'), then there exists <i' S ||C|| such that d; c' = c;d' and 
cf — y-*- <i" and = • r '- Since /i is an homomorphism h(x') = h(d'-^(x)) = <i Y (/i(£)), 

and then (c, I, h{x)) h^ Y (c', h(x')). □ 
Lemma D.3 (r-j* x is reflected by homomorphisms). 

Let h : X — > Y be a r(C) -homomorphism. If (c,l,h(x)) I~^y {d,l',y'), then 3x' G X, suc/i 
t/iat /i(x') = y' and (c, Z, x) h^ x (c', x'). 

Proof. From the hypothesis we derive that there exists / € ||C|| such that c; / = d;c' and 
/ — y-*- /' and = y'. Since /i is an homomorphism, = y'. Then we have 

that (c,U) Hf, x (</,/', &(s)). □ 
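Proposition D.4. $\mathbf{S}_{\mathcal{T}} : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ is a functor.

Proof. First of all, we have to show that $\forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|$, $\mathbf{S}_{\mathcal{T}}(\mathbb{X}) \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|$. Notice that all the operators $d_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}$ are well defined, i.e., $\forall A \in S_{\mathcal{T}}(\mathbb{X})$, $d_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}(A)$ is still a saturated set of transitions, i.e., it is closed w.r.t. $\vdash_{\mathcal{T},\mathbb{X}}$. Then we have to prove that $id_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}$ coincides with the identity function. This is trivial since $id_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}(A)$ consists in closing the set of transitions $A$ w.r.t. $\vdash_{\mathcal{T},\mathbb{X}}$. But since $A$ is saturated, it is already closed. Finally we have to prove that $(c; d)_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})} = c_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}; d_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}$, but this is a trivial consequence of Lemma D.1.

Then we have to prove that if $h : \mathbb{X} \to \mathbb{Y}$ in $\mathbf{Alg}_{\Gamma(\mathbf{C})}$, then also $\mathbf{S}_{\mathcal{T}}(h) : \mathbf{S}_{\mathcal{T}}(\mathbb{X}) \to \mathbf{S}_{\mathcal{T}}(\mathbb{Y})$. This follows easily by Lemma D.2 and Lemma D.3.

Then preservation of identity and arrow composition follows from the fact that $\mathbf{S}_{\mathcal{T}}$ is defined as $\mathbf{H}$ on arrows and from the fact that $\mathbf{H}$ is a functor. □

Lemma D.5. The inclusion $\iota_{\mathbb{X}} : S_{\mathcal{T}}(\mathbb{X}) \to G(\mathbb{X})$ is a $\Gamma(\mathbf{C})$-homomorphism from the algebra $\mathbf{S}_{\mathcal{T}}(\mathbb{X})$ to $\mathbf{H}(\mathbb{X})$.

Proof. We have to prove that for all $A \in S_{\mathcal{T}}(\mathbb{X})$ and $d \in ||\mathbf{C}||$, $\iota_{\mathbb{X}}(d_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}(A)) = d_{\mathbf{H}(\mathbb{X})}(\iota_{\mathbb{X}}(A))$.

Let $(c, l, x) \in \iota_{\mathbb{X}}(d_{\mathbf{S}_{\mathcal{T}}(\mathbb{X})}(A))$, then there exists $(c', l', x') \in A$ such that $(c', l', x') \vdash^{d}_{\mathcal{T},\mathbb{X}} (c, l, x)$. By definition of $\vdash^{d}_{\mathcal{T},\mathbb{X}}$, we also have that $(c', l', x') \vdash_{\mathcal{T},\mathbb{X}} (d; c, l, x)$ and since $A$ is saturated, then $(d; c, l, x) \in A$. Since $\iota_{\mathbb{X}}$ is simply the inclusion, we also have that $(d; c, l, x) \in \iota_{\mathbb{X}}(A)$ and thus, by definition of $d_{\mathbf{H}(\mathbb{X})}$, $(c, l, x) \in d_{\mathbf{H}(\mathbb{X})}(\iota_{\mathbb{X}}(A))$.

The other direction is analogous. □

Lemma 7.5. Let $\iota$ be the family of morphisms $\iota = \{\iota_{\mathbb{X}} : \mathbf{S}_{\mathcal{T}}(\mathbb{X}) \to \mathbf{H}(\mathbb{X}), \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$. Then $\iota : \mathbf{S}_{\mathcal{T}} \Rightarrow \mathbf{H}$ is a natural transformation.

Proof. From Lemma D.5 it follows that each $\iota_{\mathbb{X}}$ is a morphism in $\mathbf{Alg}_{\Gamma(\mathbf{C})}$. The fact that $\forall h : \mathbb{X} \to \mathbb{Y}$, $\iota_{\mathbb{X}}; \mathbf{H}(h) = \mathbf{S}_{\mathcal{T}}(h); \iota_{\mathbb{Y}}$ follows from the fact that, by definition, $\mathbf{S}_{\mathcal{T}}(h) = \mathbf{H}(h)$.

□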

Lemma 17.61 Let (X, a) be a H-coalgebra. Then it is in |Coalg H i| iff it satisfies T. 

Proof. Let (X, a) be a H-coalgebra. If it satisfies T, then Vx € X, a(x) G S X (A). This 
means that a factor through the inclusion tx : St(X) — > H(X). 

If T is not sound, then 3x G X, d G ||C|| such that (c,l,y) G a(x) and (c,l,y) h^, x 
(c',l',y') and (c',l',y') £ a(d x (x)) = d H( x)(a(x)). From (c,l,y) h^ x (c',l',y'), we have 
that (c, hr,x (d; c' ,1' ,y'). From this setting follows that (d;c' ,1' ,y') ^ a(c) because, 
otherwise, by definition of d H (x)> we would have that (c',l',y') G dH(x)( a ( x ))- Thus a(x) 
is not saturated, i.e., a(x) ^ S X : (X). □ 

Proposition W7f\ |Coalg H i| is a covariety o/ CoalgH, i.e., is closed under: 

(1) subcoalgebras, 

(2) homomorphic images, 

(3) sums. 

Proof. A coalgebra (X, a) is a subcoalgebra of (Y, (3) if there is an arrow m : (X, a) — > (Y, /3) 
that is mono in all its components (for a more formal definition look at Appendix IF]) . 

The fact that |Coalg H i| is closed under subcoalgebras means that whenever there is 
a subcoalgebra m : (X, a) — > (Y, /3) in CoalgH such that (Y, /3) G |Coalg H i|, then also 
(X, a) G |Coalg H i|. This can be easily proved by employing Lemma 17.61 

If (Y, j3) G |Coalg H i|, then it satisfies T. Suppose ab absurdum that (X, a) does 
not satisfy T. Then there exists x G |X|, [c\,l\,x\) G a(x) and (02,^2,^2) ^ a(x) 
such that (ci,ii,o;i) hx,T (£2,^2,^2)- Now, since m is a cohomomorphism we have that 
(ci, /1, m(xi)) G /3(m(x)). By Lemma fD.21 it follows that {c\,li,m{x\)) \~y,t (C2, h, m(x2)). 
Since (Y, /3) satisfies T then also (02, ^2, "1(^2)) £ /3(m(x)). At this point, since m is a coho- 
momorphism then it must exist a £3 G X, such that (ci,/i,X3) G a(x) and m(x3) = m(x2). 
But since m is mono in all its components, then X2 = £3 and thus (ci, Zi, X2) G a{x) against 
the hypothesis. 

Let h : (X, a) — > (Y,/3) be an arrow in CoalgH- The homomorphic image of (X, a) 
through h, is the coalgebra (1, 7) induced by the unique factorization of h = e; m (as shown 
below), where e is an arrow with all components epi and m is an arrow with all components 
mono (look at Appendix IF|) .

The fact that | Coalg H i | is closed under homomorphic images means that whenever
there is a cohomomorphism h : (X, a) — > (Y, /3) in CoalgH such that (X, a) G |Coalg H i|, 
then also (1,7} G |Coalg H i|. This can be easily proved by employing Lemma 17.61 

If $\langle\mathbb{X},\alpha\rangle \in |\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}|$, then it satisfies $T$. Suppose ab absurdum that $\langle\mathbb{I},\gamma\rangle$ does not satisfy $T$. Then there exist an $i \in |\mathbb{I}|$, $(c_1,l_1,i_1) \in \gamma(i)$ and $(c_2,l_2,i_2) \notin \gamma(i)$ such that $(c_1,l_1,i_1) \vdash_{\mathbb{I},T} (c_2,l_2,i_2)$. Now, since $e$ is epi in all its components, there exists $x_1$ such that $e(x_1) = i_1$, and since $e$ is a cohomomorphism there exists $x \in \mathbb{X}$ such that $h(x) = i$ and $(c_1,l_1,x_1) \in \alpha(x)$. By Lemma D.3 and by $(c_1,l_1,i_1) \vdash_{\mathbb{I},T} (c_2,l_2,i_2)$, it follows that there exists $x_2 \in |\mathbb{X}|$ such that $e(x_2) = i_2$ and $(c_1,l_1,x_1) \vdash_{\mathbb{X},T} (c_2,l_2,x_2)$. Now, since $\langle\mathbb{X},\alpha\rangle$ satisfies $T$, then also $(c_2,l_2,x_2) \in \alpha(x)$. And now, since $e$ is a cohomomorphism, $(c_2,l_2,i_2) \in \gamma(i)$, against the initial hypothesis.

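In $\mathbf{Coalg}_{\mathbf{H}}$, all the colimits are defined as in $\mathbf{Alg}_{\Gamma(\mathbf{C})}$ (by a classical argument in coalgebra theory). Recalling that $\mathbf{Alg}_{\Gamma(\mathbf{C})}$ is isomorphic to $\mathbf{Set}^{\mathbf{C}}$, it is easy to see that all colimits exist and that they are constructed as in $\mathbf{Set}$. Thus, it is trivial to prove that if $\langle\mathbb{X},\alpha\rangle$ and $\langle\mathbb{Y},\beta\rangle$ satisfy $T$, also their sum, i.e., $\langle\mathbb{X}+\mathbb{Y},\alpha+\beta\rangle$, satisfies $T$. □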

Theorem D.6. $\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}$ has final object $F_{\mathbf{H}_{\mathbf{I}}}$.

Proof. The proof is a standard argument in the theory of coalgebras.

Hereafter, we write "$\mathbf{H}_{\mathbf{I}}$-coalgebra" as a shorthand for "$\mathbf{H}$-coalgebra in $|\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}|$". In order to construct $F_{\mathbf{H}_{\mathbf{I}}}$, consider all the unique $\mathbf{H}$-cohomomorphisms of $\mathbf{H}_{\mathbf{I}}$-coalgebras to $F_{\mathbf{H}}$ (the final object of $\mathbf{Coalg}_{\mathbf{H}}$). Consider their homomorphic images through these final morphisms. All of them are subobjects of $F_{\mathbf{H}}$ and all of them are $\mathbf{H}_{\mathbf{I}}$-coalgebras, because $|\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}|$ is closed under homomorphic images. Now, since these are subobjects of $F_{\mathbf{H}}$, we can define $F_{\mathbf{H}_{\mathbf{I}}}$ as their union. In order to prove that $F_{\mathbf{H}_{\mathbf{I}}}$ is final, it is important to note that it is still a subcoalgebra of $F_{\mathbf{H}}$ (Corollary 1.4.14 of [28]), and thus we have a mono $m : F_{\mathbf{H}_{\mathbf{I}}} \to F_{\mathbf{H}}$. Then for any $\mathbf{H}_{\mathbf{I}}$-coalgebra $\langle\mathbb{X},\alpha\rangle$ there exists a morphism to $F_{\mathbf{H}_{\mathbf{I}}}$ since it is the union of all the images to $F_{\mathbf{H}}$. Then, this morphism is unique since $m$ is mono. Moreover, $F_{\mathbf{H}_{\mathbf{I}}}$ satisfies $T$, since covarieties are also closed under unions of subcoalgebras.

Another way of proving this theorem relies on Corollary 2.2.4 of [28]. From this corollary and from Proposition 7.7 it follows that $\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}$ is a reflective subcategory of $\mathbf{Coalg}_{\mathbf{H}}$. □

Corollary D.7. $\mathbf{Coalg}_{\mathbf{S}_T}$ has final object $F_{\mathbf{S}_T}$.

Proof. From the above theorem and from the fact that $\mathbf{Coalg}_{\mathbf{S}_T}$ is isomorphic to $\mathbf{Coalg}_{\mathbf{H}_{\mathbf{I}}}$. □

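For this it is important to notice that all morphisms in $M_{\mathbf{C}}$ (defined in Appendix F) are also mono.

Corollary D.8. Let $\langle\mathbb{X},\alpha\rangle$ be an $\mathbf{S}_T$-coalgebra. Let $!^{\mathbf{H}}_{\langle\mathbb{X},\alpha\rangle}$ be the unique morphism to $F_{\mathbf{H}}$ and let $!^{\mathbf{S}}_{\langle\mathbb{X},\alpha\rangle}$ be the unique morphism to $F_{\mathbf{S}_T}$. Thus

$!^{\mathbf{S}}_{\langle\mathbb{X},\alpha\rangle}(x) = !^{\mathbf{S}}_{\langle\mathbb{X},\alpha\rangle}(y)$ if and only if $!^{\mathbf{H}}_{\langle\mathbb{X},\alpha\rangle}(x) = !^{\mathbf{H}}_{\langle\mathbb{X},\alpha\rangle}(y)$.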

Proof. Note that $F_{\mathbf{H}_{\mathbf{I}}} = \mathbf{I}(F_{\mathbf{S}_T})$ for $\mathbf{I}$ being the functor described in Section 7.1. Moreover, from the proof of the above theorem, we have that $F_{\mathbf{H}_{\mathbf{I}}}$ is a subobject of $F_{\mathbf{H}}$. □

Appendix E. Proofs of Section 7.2

In this appendix we prove several lemmas that describe interesting properties of the normalization function. In particular these properties are useful to show that $\mathbf{N}_T$ is a functor. Hereafter, we will always implicitly assume to have a normalizable context interactive system (Definition EE]).

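Lemma 7.8. Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra. If $(c_1,o_1,p_1) \vdash_{T,\mathbb{X}} (c_2,o_2,p_2)$ then $p_2 = e_{\mathbb{X}}(p_1)$ for some $e \in \|\mathbf{C}\|$. Moreover $\forall q_1 \in \mathbb{X}$, $(c_1,o_1,q_1) \vdash_{T,\mathbb{X}} (c_2,o_2,e_{\mathbb{X}}(q_1))$.

Proof. Both observations trivially follow from the definition of $\vdash_{T,\mathbb{X}}$ (Def. I7.ip). □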

Lemma 7.13. Let $\mathcal{I}$ be a normalizable system w.r.t. $T$. Let $\mathbb{X}$ be a $\Gamma(\mathbf{C})$-algebra and $A \in \mathbf{G}(\mathbb{X})$. Then $\forall (d,o,x) \in A$, either $(d,o,x) \in \mathit{norm}_{T,\mathbb{X}}(A)$ or $\exists (d',o',x') \in \mathit{norm}_{T,\mathbb{X}}(A)$ such that $(d',o',x') \prec_{T,\mathbb{X}} (d,o,x)$.

Proof. If there exists no $(d',o',x')$ with $(d',o',x') \prec_{T,\mathbb{X}} (d,o,x)$, then $(d,o,x) \in \mathit{norm}_{T,\mathbb{X}}(A)$. If it exists, then consider a chain $\cdots \prec_{T,\mathbb{X}} (d_2,l_2,x_2) \prec_{T,\mathbb{X}} (d_1,l_1,x_1) \prec_{T,\mathbb{X}} (d,l,x)$. Since $\prec_{T,\mathbb{X}}$ is well founded there exist no infinite chains like this. Let $(d',l',x') \in A$ be the last element of such a chain. Since it is the last, it is not redundant and then $(d',l',x') \in \mathit{norm}_{T,\mathbb{X}}(A)$. Moreover since $\prec_{T,\mathbb{X}}$ is transitive (as proved in the next lemma), we have that $(d',l',x') \prec_{T,\mathbb{X}} (d,l,x)$. □

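Lemma E.1. Let $\mathcal{I}$ be a context interactive system and $T$ be an inference system. Let $\mathbb{X}$, $\mathbb{Y}$ be $\Gamma(\mathbf{C})$-algebras.

(1) $\prec_{T,\mathbb{X}}$ is transitive (or better, if $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d',l',x') \prec_{T,\mathbb{X}} (d,l,x)$ then $(d'',l'',x'') \prec_{T,\mathbb{X}} (d,l,x)$),

(2) If $(d'_0,l'_0,x'_0) \equiv_{T,\mathbb{X}} (d_0,l_0,x_0) \prec_{T,\mathbb{X}} (d_1,l_1,x_1) \equiv_{T,\mathbb{X}} (d'_1,l'_1,x'_1)$ then $(d'_0,l'_0,x'_0) \prec_{T,\mathbb{X}} (d'_1,l'_1,x'_1)$,

(3) If $h : \mathbb{X} \to \mathbb{Y}$ and $(d,l,x) \equiv_{T,\mathbb{X}} (d',l',x')$ then $(d,l,h(x)) \equiv_{T,\mathbb{Y}} (d',l',h(x'))$.

Proof. Suppose that $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d',l',x') \prec_{T,\mathbb{X}} (d,l,x)$, then we have both

$(d'',l'',x'') \vdash_{T,\mathbb{X}} (d',l',x') \vdash_{T,\mathbb{X}} (d,l,x)$ and $(d,l,x) \nvdash_{T,\mathbb{X}} (d',l',x')$.

We derive $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d,l,x)$ by the former, and $(d,l,x) \nvdash_{T,\mathbb{X}} (d'',l'',x'')$ by the latter (otherwise if $(d,l,x) \vdash_{T,\mathbb{X}} (d'',l'',x'')$ then also $(d,l,x) \vdash_{T,\mathbb{X}} (d',l',x')$).

For the second point it is sufficient to note that

$(d'_0,l'_0,x'_0) \vdash_{T,\mathbb{X}} (d_0,l_0,x_0) \vdash_{T,\mathbb{X}} (d_1,l_1,x_1) \vdash_{T,\mathbb{X}} (d'_1,l'_1,x'_1)$,

and then $(d'_0,l'_0,x'_0) \vdash_{T,\mathbb{X}} (d'_1,l'_1,x'_1)$. Moreover $(d'_1,l'_1,x'_1) \nvdash_{T,\mathbb{X}} (d'_0,l'_0,x'_0)$, since otherwise $(d_1,l_1,x_1) \vdash_{T,\mathbb{X}} (d_0,l_0,x_0)$.

For the third point we use that $\vdash_{T,\mathbb{X}}$ is preserved by homomorphisms (Lemma D.2). □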
Lemma E.2. If $(d,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$, then $(d,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$.

Proof. If $(d,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$, then by definition of $c_{\mathbf{S}_T(\mathbb{X})}$, there exists $(d',l',x') \in \mathit{norm}_{T,\mathbb{X}}(A)$ such that $(d',l',x') \vdash^{c}_{T,\mathbb{X}} (d,l,x)$. Now by definition of normalization, there exists $(d'',l'',x'') \in A$ such that $(d'',l'',x'') \equiv_{T,\mathbb{X}} (d',l',x')$. Then $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d',l',x') \vdash^{c}_{T,\mathbb{X}} (d,l,x)$, and then $(d,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$. □

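Lemma E.3. $\forall \mathbb{X},\mathbb{Y} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|$ and $\forall h \in \mathbf{Alg}_{\Gamma(\mathbf{C})}[\mathbb{X},\mathbb{Y}]$,

(1) $\mathit{norm}_{T,\mathbb{X}}; d_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}} = d_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}$,

(2) $\mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}} = \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}$,

(3) $\mathit{norm}_{T,\mathbb{X}}$ is idempotent.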

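Proof. For the first point we prove that $\forall A \in |\mathbf{H}(\mathbb{X})|$ and $\forall c \in \Gamma$,

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A) = \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$.

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A) \subseteq \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$

Suppose that $(e',l',x') \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, then there exists $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$ such that:

(1) $(e,l,x) \equiv_{T,\mathbb{X}} (e',l',x')$,

(2) it is not redundant in $c_{\mathbf{S}_T(\mathbb{X})}(A)$.

By definition of $c_{\mathbf{S}_T(\mathbb{X})}$, there exists $(d_0,l_0,x_0) \in A$ such that $(d_0,l_0,x_0) \vdash^{c}_{T,\mathbb{X}} (e,l,x)$.

Now, by Lemma 7.13 there exists $(d'_0,l'_0,x'_0) \in \mathit{norm}_{T,\mathbb{X}}(A)$ that either dominates $(d_0,l_0,x_0)$ or $(d'_0,l'_0,x'_0) = (d_0,l_0,x_0)$. From the definition of $c_{\mathbf{S}_T(\mathbb{X})}$, it follows that $(e,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$. Now we have directly that $(e,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$. Indeed, suppose ab absurdum that $(e,l,x) \notin \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, then there exists a $(e_1,l_1,x_1) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$ that dominates $(e,l,x)$. Now, by Lemma E.2 we have also that $(e_1,l_1,x_1) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$, which leads to an absurdity with 2.

Then $(e,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, and also $(e',l',x') \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, since the normalization function closes w.r.t. all equivalent transitions.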

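$\mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A) \subseteq c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$

Suppose that $(e',l',x') \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, then there exists $(e,l,x) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$ such that:

(1) $(e,l,x) \equiv_{T,\mathbb{X}} (e',l',x')$,

(2) it is not redundant in $\mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$.

Now, by Lemma E.2, $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$. Now we have that $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$. Indeed, suppose ab absurdum that $(e,l,x) \notin c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, then there exists a $(e_1,l_1,x_1) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$ that dominates $(e,l,x)$. Now, by definition of $c_{\mathbf{S}_T(\mathbb{X})}$, there exists $(d_0,l_0,x_0) \in A$ such that $(d_0,l_0,x_0) \vdash^{c}_{T,\mathbb{X}} (e_1,l_1,x_1)$. Now, by Lemma 7.13 and by $(d_0,l_0,x_0) \in A$, it follows that there exists $(d'_0,l'_0,x'_0) \in \mathit{norm}_{T,\mathbb{X}}(A)$ that either dominates $(d_0,l_0,x_0)$ or $(d'_0,l'_0,x'_0) = (d_0,l_0,x_0)$. By definition of $c_{\mathbf{S}_T(\mathbb{X})}$, $(e_1,l_1,x_1) \in \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$ and this together with 2 leads to an absurdity.

Thus $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$, and since $(e,l,x) \equiv_{T,\mathbb{X}} (e',l',x')$,

$(e',l',x') \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}(A)$.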
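For the second point we prove that $\forall A \in \mathbf{H}(\mathbb{X})$,

$\mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A) = \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$.

$\mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A) \subseteq \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$

Suppose that $(d',l',y') \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$. Then there exists $(d,l,y) \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h)(A)$ such that

(1) $(d,l,y) \equiv_{T,\mathbb{Y}} (d',l',y')$,

(2) it is not redundant in $\mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h)(A)$.

Then $\exists x \in \mathbb{X}$ such that $h(x) = y$ and $(d,l,x) \in \mathit{norm}_{T,\mathbb{X}}(A)$ and then $\exists (d'',l'',x'') \in A$ such that $(d,l,x) \equiv_{T,\mathbb{X}} (d'',l'',x'')$ and $(d'',l'',h(x'')) \in \mathbf{H}(h)(A)$.

Now suppose ab absurdum that $(d'',l'',y'') \notin \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$ where $y'' = h(x'')$. Then $\exists (d_0,l_0,y_0) \in \mathbf{H}(h)(A)$ such that $(d_0,l_0,y_0) \prec_{T,\mathbb{Y}} (d'',l'',y'')$. However, if $(d_0,l_0,y_0) \in \mathbf{H}(h)(A)$, then $\exists (d_0,l_0,x_0) \in A$ such that $h(x_0) = y_0$ and by Lemma 7.13 there exists $(d'_0,l'_0,x'_0) \in \mathit{norm}_{T,\mathbb{X}}(A)$ that either dominates $(d_0,l_0,x_0)$ or $(d'_0,l'_0,x'_0) = (d_0,l_0,x_0)$. By Lemma D.2 we have that $(d'_0,l'_0,h(x'_0)) \vdash_{T,\mathbb{Y}} (d_0,l_0,h(x_0)) \prec_{T,\mathbb{Y}} (d'',l'',y'')$ and, by Lemma E.1, $(d'_0,l'_0,h(x'_0)) \prec_{T,\mathbb{Y}} (d'',l'',y'') \equiv_{T,\mathbb{Y}} (d,l,y)$. Since $(d'_0,l'_0,h(x'_0)) \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h)(A)$, this leads to an absurdity.

Now we have $(d'',l'',y'') \in \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$ and $(d'',l'',y'') \equiv_{T,\mathbb{Y}} (d,l,y) \equiv_{T,\mathbb{Y}} (d',l',y')$ and, since $\mathit{norm}_{T,\mathbb{Y}}$ closes w.r.t. all equivalent transitions,

$(d',l',y') \in \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$.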

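$\mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A) \subseteq \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$

Suppose that $(d',l',y') \in \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$, then there exists $(d,l,y) \in \mathbf{H}(h)(A)$, such that:

(1) $(d,l,y) \equiv_{T,\mathbb{Y}} (d',l',y')$,

(2) it is not redundant in $\mathbf{H}(h)(A)$.

Then $\exists x \in \mathbb{X}$ such that $h(x) = y$ and $(d,l,x) \in A$.

By Lemma 7.13, $\exists (d_0,l_0,x_0) \in \mathit{norm}_{T,\mathbb{X}}(A)$ (and $(d_0,l_0,x_0) \in A$) that either dominates $(d,l,x)$ or $(d_0,l_0,x_0) = (d,l,x)$, and by Lemma D.2 $(d_0,l_0,h(x_0)) \vdash_{T,\mathbb{Y}} (d,l,h(x))$. Now we have two possible cases: either $(d,l,h(x)) \nvdash_{T,\mathbb{Y}} (d_0,l_0,h(x_0))$, or $(d,l,h(x)) \vdash_{T,\mathbb{Y}} (d_0,l_0,h(x_0))$. In the first case we have that $(d_0,l_0,h(x_0)) \prec_{T,\mathbb{Y}} (d,l,h(x))$, and this leads to an absurdity with 2. Then, only the latter is possible, i.e., $(d_0,l_0,h(x_0)) \equiv_{T,\mathbb{Y}} (d,l,h(x))$.

Now suppose ab absurdum that $(d_0,l_0,h(x_0)) \notin \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$. Then $\exists (d_1,l_1,y_1) \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h)(A)$ that dominates $(d_0,l_0,h(x_0))$. Thus $\exists x_1 \in \mathbb{X}$ such that $h(x_1) = y_1$ and $(d_1,l_1,x_1) \in \mathit{norm}_{T,\mathbb{X}}(A)$ and $\exists (d'_1,l'_1,x'_1) \in A$ such that $(d'_1,l'_1,x'_1) \equiv_{T,\mathbb{X}} (d_1,l_1,x_1)$.

Thus $(d'_1,l'_1,h(x'_1)) \in \mathbf{H}(h)(A)$ and

$(d'_1,l'_1,h(x'_1)) \equiv_{T,\mathbb{Y}} (d_1,l_1,y_1) \prec_{T,\mathbb{Y}} (d_0,l_0,h(x_0)) \equiv_{T,\mathbb{Y}} (d,l,y)$,

i.e., $(d'_1,l'_1,h(x'_1)) \prec_{T,\mathbb{Y}} (d,l,y)$, against 2.

Then we have $(d_0,l_0,h(x_0)) \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$ and then also $(d',l',y') \in \mathit{norm}_{T,\mathbb{X}}; \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}(A)$.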

For the third point we prove that $\forall A \in \mathbf{N}_T(\mathbb{X})$, $\mathit{norm}_{T,\mathbb{X}}(A) = A$. This is trivial, since $\mathit{norm}_{T,\mathbb{X}}$ junks away all the redundant transitions and adds all those equivalent. But since $A$ is normalized, it does not contain any redundant transitions, and it is still closed under equivalent transitions. □

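Proposition E.4. $\mathbf{N}_T : \mathbf{Alg}_{\Gamma(\mathbf{C})} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ is a functor.

Proof. First of all we have to prove that $\forall \mathbb{X} \in \mathbf{Alg}_{\Gamma(\mathbf{C})}$, $\mathbf{N}_T(\mathbb{X})$ is a $\Gamma(\mathbf{C})$-algebra. In order to prove that, it is enough to show that $(c;d)_{\mathbf{N}_T(\mathbb{X})} = c_{\mathbf{N}_T(\mathbb{X})}; d_{\mathbf{N}_T(\mathbb{X})}$ and that $id_{\mathbf{N}_T(\mathbb{X})}$ is the identity function.

For the former, notice that $(c;d)_{\mathbf{N}_T(\mathbb{X})} = (c;d)_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}} = c_{\mathbf{S}_T(\mathbb{X})}; d_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}$ since $\mathbf{S}_T(\mathbb{X})$ is a $\Gamma(\mathbf{C})$-algebra. Now, by Lemma E.3(1) we have that it is equal to

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}; d_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}$,

i.e., $c_{\mathbf{N}_T(\mathbb{X})}; d_{\mathbf{N}_T(\mathbb{X})}$.

For the latter, notice that applying $id_{\mathbf{N}_T(\mathbb{X})}$ to a set of transitions $A$ is the same as closing $A$ w.r.t. the derivation relation $\vdash_{T,\mathbb{X}}$ and then normalizing it. Now, if $A$ is normalized, one can close it w.r.t. $\vdash_{T,\mathbb{X}}$, and then normalize it, obtaining the same set $A$. This is formally proved by Proposition 7.14.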

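Now we prove that $\mathbf{N}_T(h)$ is still a $\Gamma(\mathbf{C})$-homomorphism. Recall that $\mathbf{H}(h) = \mathbf{S}_T(h)$,

$c_{\mathbf{N}_T(\mathbb{X})}; \mathbf{N}_T(h) = c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}; \mathbf{N}_T(h) = c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}; \mathbf{S}_T(h); \mathit{norm}_{T,\mathbb{Y}} =$
(by Lemma E.3(2))

$c_{\mathbf{S}_T(\mathbb{X})}; \mathbf{S}_T(h); \mathit{norm}_{T,\mathbb{Y}} = \mathbf{S}_T(h); c_{\mathbf{S}_T(\mathbb{Y})}; \mathit{norm}_{T,\mathbb{Y}} =$

(by Lemma E.3(1))

$\mathbf{S}_T(h); \mathit{norm}_{T,\mathbb{Y}}; c_{\mathbf{S}_T(\mathbb{Y})}; \mathit{norm}_{T,\mathbb{Y}} = \mathbf{N}_T(h); c_{\mathbf{S}_T(\mathbb{Y})}; \mathit{norm}_{T,\mathbb{Y}} = \mathbf{N}_T(h); c_{\mathbf{N}_T(\mathbb{Y})}$.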

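In order to prove that $\mathbf{N}_T(id_{\mathbb{X}}) = id_{\mathbf{N}_T(\mathbb{X})}$ it is enough to observe that $\mathbf{N}_T(id_{\mathbb{X}}) = \mathbf{H}(id_{\mathbb{X}}); \mathit{norm}_{T,\mathbb{X}} = id_{\mathbf{H}(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}$. Since in $\mathbf{N}_T(\mathbb{X})$ all the elements are normalized, by Lemma E.3(3) normalization plays no role.

In order to prove that $\mathbf{N}_T$ preserves composition we use Lemma E.3(2): $\forall h : \mathbb{X} \to \mathbb{Y}$, $g : \mathbb{Y} \to \mathbb{Z}$,

$\mathbf{N}_T(h; g) = \mathbf{H}(h; g); \mathit{norm}_{T,\mathbb{Z}} = \mathbf{H}(h); \mathbf{H}(g); \mathit{norm}_{T,\mathbb{Z}}$
$= \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}; \mathbf{H}(g); \mathit{norm}_{T,\mathbb{Z}} = \mathbf{N}_T(h); \mathbf{N}_T(g)$. □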

At the end of the appendix we prove the main theorem. Note that the proof of Lemma 7.13 is in Appendix E.

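Lemma E.5. $\mathit{norm}_{T,\mathbb{X}} : \mathbf{S}_T(\mathbb{X}) \to \mathbf{N}_T(\mathbb{X})$ and $\mathit{sat}_{T,\mathbb{X}} : \mathbf{N}_T(\mathbb{X}) \to \mathbf{S}_T(\mathbb{X})$ are $\Gamma(\mathbf{C})$-homomorphisms.

Proof. For all operators $c$, we have that

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}} =$ (by Lemma E.3(1)) $= \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}} = \mathit{norm}_{T,\mathbb{X}}; c_{\mathbf{N}_T(\mathbb{X})}$.

For $\mathit{sat}_{T,\mathbb{X}}$ we have that $c_{\mathbf{N}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}} = c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}}$. Note that

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}} = c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}$

since saturation adds everything that is removed by normalization. At this point, it is enough to prove that $c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}} = \mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}$.

We have to prove that $\forall A \in |\mathbf{H}(\mathbb{X})|$, $c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}(A) = \mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$.

$c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}(A) \subseteq \mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$

Suppose that $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}(A)$, then there exists $(e',l',x') \in c_{\mathbf{S}_T(\mathbb{X})}(A)$ such that $(e',l',x') \vdash_{T,\mathbb{X}} (e,l,x)$, and by definition of $c_{\mathbf{S}_T(\mathbb{X})}$, there exists $(e'_0,l'_0,x'_0) \in A$ (and then also in $\mathit{sat}_{T,\mathbb{X}}(A)$) such that $(e'_0,l'_0,x'_0) \vdash^{c}_{T,\mathbb{X}} (e',l',x') \vdash_{T,\mathbb{X}} (e,l,x)$. Then $(e'_0,l'_0,x'_0) \vdash^{c}_{T,\mathbb{X}} (e,l,x)$, and then $(e,l,x) \in \mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$.

$\mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A) \subseteq c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}(A)$

Suppose that $(e,l,x) \in \mathit{sat}_{T,\mathbb{X}}; c_{\mathbf{S}_T(\mathbb{X})}(A)$, then there exists $(d',l',x') \in \mathit{sat}_{T,\mathbb{X}}(A)$ such that $(d',l',x') \vdash^{c}_{T,\mathbb{X}} (e,l,x)$. Thus, by definition of $\mathit{sat}_{T,\mathbb{X}}$, there exists $(d'',l'',x'') \in A$ such that $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d',l',x')$. Then $(d'',l'',x'') \vdash^{c}_{T,\mathbb{X}} (e,l,x)$ and then $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}(A)$, and then $(e,l,x) \in c_{\mathbf{S}_T(\mathbb{X})}; \mathit{sat}_{T,\mathbb{X}}(A)$. □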

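Lemma E.6. $\mathit{norm}_T$ and $\mathit{sat}_T$ are isomorphisms, one the inverse of the other.

Proof. Since by Lemma E.5 $\mathit{norm}_{T,\mathbb{X}}$ and $\mathit{sat}_{T,\mathbb{X}}$ are morphisms in $\mathbf{Alg}_{\Gamma(\mathbf{C})}$, we have just to prove that $\mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}} = id_{\mathbf{S}_T(\mathbb{X})}$ and $\mathit{sat}_{T,\mathbb{X}}; \mathit{norm}_{T,\mathbb{X}} = id_{\mathbf{N}_T(\mathbb{X})}$.

$\mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}}(A) \subseteq A$

If $(d,l,x) \in \mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}}(A)$, then $\exists (d',l',x') \in \mathit{norm}_{T,\mathbb{X}}(A)$ such that $(d',l',x') \vdash_{T,\mathbb{X}} (d,l,x)$. Thus $\exists (d'',l'',x'') \in A$ such that $(d'',l'',x'') \equiv_{T,\mathbb{X}} (d',l',x')$. Then $(d'',l'',x'') \vdash_{T,\mathbb{X}} (d,l,x)$. Now, also $(d,l,x) \in A$, since $A$ is saturated.

$A \subseteq \mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}}(A)$

If $(d,l,x) \in A$ then, by Lemma 7.13, there exists $(d',l',x') \in \mathit{norm}_{T,\mathbb{X}}(A)$ that either dominates $(d,l,x)$ or $(d',l',x') = (d,l,x)$. Thus $(d,l,x) \in \mathit{norm}_{T,\mathbb{X}}; \mathit{sat}_{T,\mathbb{X}}(A)$.

$\mathit{sat}_{T,\mathbb{X}}; \mathit{norm}_{T,\mathbb{X}}(A) \subseteq A$

If $(d',l',x') \in \mathit{sat}_{T,\mathbb{X}}; \mathit{norm}_{T,\mathbb{X}}(A)$ then there exists $(d,l,x) \in \mathit{sat}_{T,\mathbb{X}}(A)$ such that

(1) $(d,l,x) \equiv_{T,\mathbb{X}} (d',l',x')$,

(2) it is not redundant in $\mathit{sat}_{T,\mathbb{X}}(A)$.

Then $\exists (d_0,l_0,x_0) \in A$ such that $(d_0,l_0,x_0) \vdash_{T,\mathbb{X}} (d,l,x)$. Now we have two possibilities. Firstly, $(d,l,x) \nvdash_{T,\mathbb{X}} (d_0,l_0,x_0)$, then $(d_0,l_0,x_0) \prec_{T,\mathbb{X}} (d,l,x)$ and this is absurd with 2. Secondly, $(d,l,x) \vdash_{T,\mathbb{X}} (d_0,l_0,x_0)$ and then $(d,l,x) \equiv_{T,\mathbb{X}} (d_0,l_0,x_0)$, and since $A$ is normalized, $(d,l,x) \in A$.

$A \subseteq \mathit{sat}_{T,\mathbb{X}}; \mathit{norm}_{T,\mathbb{X}}(A)$

If $(d,l,x) \in A$, then $(d,l,x) \in \mathit{sat}_{T,\mathbb{X}}(A)$. Now suppose ab absurdum that $(d,l,x) \notin \mathit{sat}_{T,\mathbb{X}}; \mathit{norm}_{T,\mathbb{X}}(A)$, then there exists a $(d',l',x') \in \mathit{sat}_{T,\mathbb{X}}(A)$ that dominates $(d,l,x)$. Then, by definition of $\mathit{sat}_{T,\mathbb{X}}$, $\exists (d'',l'',x'') \in A$ that dominates $(d',l',x')$. But then $(d'',l'',x'')$ dominates also $(d,l,x)$, against the hypothesis that $A$ is normalized. □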
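
The round trips of Lemma E.6, together with the idempotence of Lemma E.3(3), can be checked exhaustively on a finite instance. The following Python sketch is an added example, not part of the paper: it assumes a constructed five-element set of abstract transitions whose derivation relation is given directly as a finite preorder, instead of being generated by an inference system $T$ over a $\Gamma(\mathbf{C})$-algebra, and all names in it (t1 to t5, STEPS, the function names) are hypothetical.

```python
from itertools import combinations

# Constructed toy data (an assumption, not from the paper): five abstract
# transitions and the generating steps of a derivation relation on them.
TRANSITIONS = ("t1", "t2", "t3", "t4", "t5")
STEPS = {("t1", "t2"), ("t2", "t1"), ("t2", "t3"), ("t4", "t3"), ("t4", "t5")}

def preorder(steps, universe):
    """Reflexive-transitive closure of steps: the derivation relation."""
    rel = {(t, t) for t in universe} | set(steps)
    while True:
        new = {(a, d) for (a, b) in rel for (c, d) in rel if b == c} - rel
        if not new:
            return rel
        rel |= new

DERIVES = preorder(STEPS, TRANSITIONS)

def derives(s, t):       # s |- t
    return (s, t) in DERIVES

def equivalent(s, t):    # mutual derivation
    return derives(s, t) and derives(t, s)

def dominates(s, t):     # s derives t, but t does not derive s
    return derives(s, t) and not derives(t, s)

def sat(A):
    """Saturation: add every transition derivable from one in A."""
    return frozenset(t for t in TRANSITIONS if any(derives(s, t) for s in A))

def norm(A):
    """Normalization: drop dominated transitions, add all equivalent ones."""
    kept = [t for t in A if not any(dominates(s, t) for s in A)]
    return frozenset(t for t in TRANSITIONS if any(equivalent(s, t) for s in kept))

def is_saturated(A):
    return all(t in A for s in A for t in TRANSITIONS if derives(s, t))

def is_normalized(A):
    no_redundant = not any(dominates(s, t) for s in A for t in A)
    closed = all(t in A for s in A for t in TRANSITIONS if equivalent(s, t))
    return no_redundant and closed

def all_subsets():
    for k in range(len(TRANSITIONS) + 1):
        for chosen in combinations(TRANSITIONS, k):
            yield frozenset(chosen)

def check_round_trips():
    """Check E.3(3) and E.6 on every subset; return (#saturated, #normalized)."""
    saturated = [A for A in all_subsets() if is_saturated(A)]
    normalized = [A for A in all_subsets() if is_normalized(A)]
    for A in all_subsets():
        assert norm(norm(A)) == norm(A)                      # idempotence
    for A in saturated:
        assert is_normalized(norm(A)) and sat(norm(A)) == A  # norm; sat = id
    for A in normalized:
        assert is_saturated(sat(A)) and norm(sat(A)) == A    # sat; norm = id
    return len(saturated), len(normalized)

if __name__ == "__main__":
    print(check_round_trips())
```

Because the two maps are mutually inverse, the instance has as many saturated sets as normalized ones, which is the bijection behind Theorem 7.15 at the level of a single state's transitions.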
Figure 13: $\mathit{norm}_T$ and $\mathit{sat}_T$ are natural transformations.



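Proposition 7.14. Let $\mathit{norm}_T$, respectively $\mathit{sat}_T$, be the families of morphisms $\{\mathit{norm}_{T,\mathbb{X}} : \mathbf{S}_T(\mathbb{X}) \to \mathbf{N}_T(\mathbb{X}),\ \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$ and $\{\mathit{sat}_{T,\mathbb{X}} : \mathbf{N}_T(\mathbb{X}) \to \mathbf{S}_T(\mathbb{X}),\ \forall \mathbb{X} \in |\mathbf{Alg}_{\Gamma(\mathbf{C})}|\}$. Then $\mathit{norm}_T : \mathbf{S}_T \Rightarrow \mathbf{N}_T$ and $\mathit{sat}_T : \mathbf{N}_T \Rightarrow \mathbf{S}_T$ are natural transformations. More precisely, they are natural isomorphisms, one the inverse of the other.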

Proof. Since by Lemma E.6 $\mathit{norm}_{T,\mathbb{X}}$ and $\mathit{sat}_{T,\mathbb{X}}$ are one the inverse of the other, we have only to prove that they are natural transformations, i.e., that diagrams (ii) and (iii) in Figure 13 commute. Note that by definition, $\mathbf{N}_T(h) = \mathbf{H}(h); \mathit{norm}_{T,\mathbb{Y}}$ and thus diagram (ii) commutes by Lemma E.3(2).

Then, by Lemma E.6, also diagram (iii) commutes. □

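Theorem 7.15. $\mathbf{Coalg}_{\mathbf{S}_T}$ and $\mathbf{Coalg}_{\mathbf{N}_T}$ are isomorphic.

Proof. Let $\mathbf{NORM}_T : \mathbf{Coalg}_{\mathbf{S}_T} \to \mathbf{Coalg}_{\mathbf{N}_T}$ be the functor sending an object $\langle\mathbb{X},\alpha\rangle$ into $\langle\mathbb{X},\alpha; \mathit{norm}_{T,\mathbb{X}}\rangle$ and any morphism $h$ to itself. Let $\mathbf{SAT}_T : \mathbf{Coalg}_{\mathbf{N}_T} \to \mathbf{Coalg}_{\mathbf{S}_T}$ be the functor sending $\langle\mathbb{X},\alpha\rangle$ into $\langle\mathbb{X},\alpha; \mathit{sat}_{T,\mathbb{X}}\rangle$ and any morphism $h$ to itself. By Proposition 7.14 these are clearly one the inverse of the other. □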



Appendix F. Factorization system for H-coalgebras 

The notions of subcoalgebra and homomorphic image have been introduced in [3D], for coalgebras over $\mathbf{Set}$. These notions have been extended by Kurz in his thesis [28] to coalgebras over a generic category $\mathbf{C}$, by employing factorization systems.

As subcoalgebras and homomorphic images are fundamental for proving that $|\mathbf{Coalg}_{\mathbf{S}_T}|$ is a covariety of $\mathbf{Coalg}_{\mathbf{H}}$ (and thus proving the existence of a final system), we briefly report here these definitions.

Definition F.1 (Factorization System). Let $\mathbf{C}$ be some category, and let $E, M$ be classes of morphisms in $\mathbf{C}$. Then $(E, M)$ is a factorization system for $\mathbf{C}$ if and only if

(1) $E, M$ are closed under isomorphism,

(2) $\mathbf{C}$ has $(E, M)$-factorizations, i.e., every morphism $f$ in $\mathbf{C}$ has a factorization $f = e; m$ for $e \in E$ and $m \in M$,

(3) $\mathbf{C}$ has the unique $(E, M)$-diagonalisation property, i.e., whenever the square

[Diagram: commuting square]

commutes for $m \in M$ and $e \in E$, then there is a unique diagonal $d$ making the two triangles commute.

The theory of coalgebras has been mainly developed for coalgebras over $\mathbf{Set}$. In Section 1.4 of [28], Kurz generalizes this theory for coalgebras over a generic category $\mathbf{C}$, by providing four axioms relying on a factorization system for $\mathbf{C}$ and some properties of the endofunctor. These axioms guarantee that the resulting category has all the good qualities of coalgebras over $\mathbf{Set}$, such as, for example, that the collection of all subcoalgebras of a coalgebra is a complete lattice.

It can be easily proved (looking at $\mathbf{Alg}_{\Gamma(\mathbf{C})}$ as $\mathbf{Set}^{\mathbf{C}}$) that the endofunctor $\mathbf{H}$ satisfies these four axioms when considering the following factorization system.

Definition F.2. The factorization system for $\mathbf{Alg}_{\Gamma(\mathbf{C})}$ is $(E_{\mathbf{C}}, M_{\mathbf{C}})$, where $E_{\mathbf{C}}$ is the class of $|\mathbf{C}|$-indexed homomorphisms having all components epi, while $M_{\mathbf{C}}$ is the class of $|\mathbf{C}|$-indexed homomorphisms having all components mono.

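Here, we want to show that the forgetful functor $\mathbf{U} : \mathbf{Coalg}_{\mathbf{S}_T} \to \mathbf{Alg}_{\Gamma(\mathbf{C})}$ creates factorizations with respect to $(E_{\mathbf{C}}, M_{\mathbf{C}})$ (Axiom 1.2). This means that if $h : \langle\mathbb{X},\alpha\rangle \to \langle\mathbb{Y},\beta\rangle$ is a morphism in $\mathbf{Coalg}_{\mathbf{S}_T}$ and $h = e; m$ is a factorization in $(E_{\mathbf{C}}, M_{\mathbf{C}})$, then it is also a factorization in $\mathbf{Coalg}_{\mathbf{S}_T}$, i.e., $e, m$ are also cohomomorphisms. This is graphically depicted below.

[Diagram: the factorization $h = e; m$ over $\mathbf{H}(\mathbb{X})$ and $\mathbf{H}(\mathbb{Y})$]

If the back square commutes and $h = e; m$ is a factorization with respect to $(E_{\mathbf{C}}, M_{\mathbf{C}})$, then also $\mathbf{H}(e)$ is in $E_{\mathbf{C}}$ and $\mathbf{H}(m)$ is in $M_{\mathbf{C}}$. The unique arrow $\gamma$ comes from the diagonalization property noting that: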

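[Diagram: square with the arrows $\mathbb{X} \to \mathbb{I}$, $\alpha; \mathbf{H}(e)$, $\mathbf{H}(m)$ and $m; \beta$, ending in $\mathbf{H}(\mathbb{Y})$]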



At this point we can define subcoalgebra and homomorphic image. 

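Definition F.3 (Subcoalgebra). Let $m : \langle\mathbb{X},\alpha\rangle \to \langle\mathbb{Y},\beta\rangle$ be an arrow of $\mathbf{Coalg}_{\mathbf{H}}$. Then $\langle\mathbb{X},\alpha\rangle$ is said to be a subcoalgebra of $\langle\mathbb{Y},\beta\rangle$ if $m \in M_{\mathbf{C}}$.

Definition F.4 (Homomorphic Image). Let $f : \langle\mathbb{X},\alpha\rangle \to \langle\mathbb{Y},\beta\rangle$ be an arrow of $\mathbf{Coalg}_{\mathbf{H}}$. The homomorphic image of $\langle\mathbb{X},\alpha\rangle$ through $f$ is the coalgebra $\langle\mathbb{I},\gamma\rangle$ shown in the diagram above.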